Trubl Port Forward WAN to IPSec tunel host
-
Hello
I have a problem
Forward does not work from WAN adress (office 1) to IPSec tunel host (office 2)
Please tell me what is the reason :-[
Thank you! :)I'm sorry, I did not find spoiler :o
[img]https://pp.vk.me/c638021/v638021615/664e/e8Nku_h_Xbs.jpg
-
When the traffic from the internet host is forwarded to an IPsec host, it does not match the phase 2 traffic selector because the source address is the internet address.
Only traffic between 10.0.0.0/24 and 10.20.21.0/24 is "interesting" to IPsec.
-
When the traffic from the internet host is forwarded to an IPsec host, it does not match the phase 2 traffic selector because the source address is the internet address.
Only traffic between 10.0.0.0/24 and 10.20.21.0/24 is "interesting" to IPsec.
Can I use a different method VPN?
-
You can do this with OpenVPN.
This is an example of forwarding ssh requests from the internet over OpenVPN to a destination server:
https://forum.pfsense.org/index.php?topic=82732.msg453269#msg453269
-
You can do this with OpenVPN.
This is an example of forwarding ssh requests from the internet over OpenVPN to a destination server:
https://forum.pfsense.org/index.php?topic=82732.msg453269#msg453269
According to the recommendations made settings
Forwarding to WAN office 1 does not work :(
Please tell me where I could be wrong?Many thanks!
-
Are there any rules on the OpenVPN tab next to OPT1?
If so, delete or disable them.
As soon as there are no rules on OpenVPN, do a Diagnostics > Packet Capture on that OPT1 interface using host address 10.10.21.10 port 3389 and try a couple times. What do you see there?
-
Are there any rules on the OpenVPN tab next to OPT1?
If so, delete or disable them.
As soon as there are no rules on OpenVPN, do a Diagnostics > Packet Capture on that OPT1 interface using host address 10.10.21.10 port 3389 and try a couple times. What do you see there?
Tried 2-4 attempts for 3-5 minutes :o
-
Then the traffic is not making it that far.
Post your OpenVPN configs on both sides.
-
-
You can do this with OpenVPN.
This is an example of forwarding ssh requests from the internet over OpenVPN to a destination server:
https://forum.pfsense.org/index.php?topic=82732.msg453269#msg453269
I re-read your statement, and I have everything working !!
Excellent!!
Thank you very much! -
Outstanding. Thanks.