1:1 NAT, with VPN

  • OK, I think I know the issue, just not sure how to fix it.

    Public address x.x.x.x 1:1 NAT Private 192.168.1.X (With associated firewall rules)

    Private 192.168.1.X also has a VPN running, which will change the default route?

    So my understanding is, traffic would reach the private IP, though the response would try and route via the VPN?

    Do I need to set up a Source NAT? This is where I am getting lost. Static routes would be difficult in this environment.

    Huh?? What are you trying to accomplish exactly and why?? You need a 1:1 for why? Can you not just port forward? Why does a client behind pfSense have a VPN connection? Why would you not run the VPN connection on pfSense, and then your whole network could use it if you wanted, or could just policy route for specific machines or specific dest/ports to use it, etc.

