NAT IPsec Lan to lan issue
Hi,
I'm working on a case where I am using an IPsec VPN between two sites.

Site 1
- Public IP : 195.1.1.1
- VPN LAN IP 1 : 10.28.x.0/24
- VPN LAN IP 2 : 10.28.y.0/21

Site 2
- Public IP : 51.2.2.2
- pfSense Virtual Network : 10.29.183.192/26
  o Internal IP : 172.16.0.14
  o Virtual IP 1 : 10.29.183.193
  o Virtual IP 2 : 10.29.183.194
- LAN IP : 172.16.0.0/16
  o Server 1 : 172.16.0.8
- The VPN connects correctly.
- Server 1 (172.16.0.8) and server 2 (172.16.0.11) can ping the pfSense Virtual Network : 10.29.183.192/26. I have added the route.
- When I'm connected on the pfSense console (Site 2), I can ping
  o the VPN LAN on site 1
  o the 172.16.0.0 on site 2
- On the server I have rewritten the routes :
Persistent Routes:
  Network Address   Netmask           Gateway Address   Metric
  10.28.x.0         255.255.255.0     172.16.0.14       1
  10.28.y.0         255.255.248.0     172.16.0.14       1
  0.0.0.0           0.0.0.0           x.x.x.x           Default
  10.29.183.192     255.255.255.192   172.16.0.14       1
The NAT 1:1 is enabled.
But server 1 (172.16.0.8 | site 2) can't ping a server in site 1.
Do you have any idea?