Netgate Discussion Forum

    NAT / Port forward to IPsec tunnel

    Posted by Rickster (last edited by Rickster)

      Hi all,

      I am running into some issues I am unable to solve so far.
      I have pfSense 2.4.5 running on an AWS EC2 instance, which has multiple IPsec tunnels established with external firewalls of all kinds. Traffic is flowing and it's working nicely.
      For each tunnel I created a separate VLAN with its own IP, created a gateway, and added a static route so that traffic intended for the IPsec network is routed via that gateway.

      Additionally, I also created Port Forwarding so that traffic going to the pfSense private IP is forwarded into each tunnel,
      i.e. pfSense IP: 172.1.1.1 port 6000 -> 10.10.10.10 port 1433

      The problem: when connected to the pfSense box via OpenVPN this is working nicely; however, when trying it from within the AWS network that is sitting behind the pfSense, I have no success.
      So I installed HAProxy and did basically the same, and this is working. So I don't think it's an issue within AWS or even the firewall rules, but maybe either a limitation of pfSense or a misconfiguration in the Port Forwarding / NAT.

      Any suggestions?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.