Forwarding over IPSec
-
I need advice on how to configure following example:
Client >>> PFSense1 <IPSec Tunnel> >>> PFsense 2 >>>> Reverse Proxy >>> WWW
Now the question is how to redirect HTTP and HTTPS request received on PFsense 1 to WWW server through IPSec Tunel that is behind PFsense 2
Thanks for help
-
Use port forward
Firewall>NAT>Port Forward>Edit
-
The traffic would have to hit a proxy on pfSense1 for that to work. The problem is that anything on pfSense2 will need to see a source address of pfSense1 or the traffic won't return to pfSense1. So you could have haproxy on pfSense1 accept and hand off the requests to the second reverse proxy.
If you were using OpenVPN then it's possible to port forward directly across, since OpenVPN will work properly with
reply-to
if you make the right set of rules on assigned interfaces. That doesn't work with IPsec VTI yet.