Routing between 2 pfsense

  • I hope this is in the right location. I'm new to this forum and dealing with multiple location routers.

    We're trying to set up external access to some air conditioners at different branches within a library system. This is the first time we've needed any external traffic to touch multiple branches instead of just one.

    All branches are connected via VPN.

    The first router exists at Branch A.

    This is also the only NAT table which external-to-internal traffic ever touches (based off a discussion with our ISP).

    The air conditioner at Branch A has an internal IP xx.xx.100.xx

    When a user externally accesses xx.xx.xx.AA, Firewall: NAT: 1:1 handles this relationship (xx.xx.xx.AA ---> xx.xx.100.xx) just fine.

    The second router exists at Branch B.

    The air conditioner is assigned an internal IP xx.xx.120.xx

    We want to assign an external IP address for Branch B's air conditioner as xx.xx.xx.BB

    However, when we set up a NAT: 1:1 rule on Branch A's NAT table for this relationship (xx.xx.xx.BB ---> xx.xx.120.xx), it does not work.

    Is there a way to route this traffic using rules/forwarding/etc.? Or will we need to pay the ISP to allow the NAT table at Branch B to be activated?

  • LAYER 8 Netgate

    Why are you port forwarding if they are connected via VPN?

  • We're not, at least not yet. I just included that in the question based on what I was seeing in the settings options which appeared to assist in changing traffic destinations around.

    Based on your response, it looks like forwarding wouldn't be involved. Please forgive my lack of knowledge as I'm really new at this.

  • LAYER 8 Netgate

    If they are connected via VPN they should probably be speaking with each other directly from private network to private network without any NAT.

