Traffic through IPSec without NAT

    I have a little problem using pfSense as a VPN software appliance on AWS. pfSense connects to an existing remote VPN hardware appliance.

    Defined IPSec configuration:

    Remote Network:
    Local Network:

    Next to pfSense, the VPC contains some more servers which should be accessible through the VPN.

    The VPN connection is established successfully. Phases 1 and 2 are working.

    When I try to access some services from an instance on the remote side, e.g. HTTP through the VPN with "wget", access is only possible when I enable outbound NAT for the source on the WAN address. Otherwise, the incoming packets are not delivered or answered.

    Is it possible to access services without NAT? For some of the accessible services I need the original requester IP.

  • After a helpful discussion on IRC - thank you rawtaz - the problem could be solved.

    Generally, I have to add an additional static route for the remote network. Once I create this route, I can deactivate NAT handling completely and it works as expected.
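    The following is an added example, not code from the question or the answer above: a small longest-prefix-match model of the route table that the VPC servers' replies are subject to, run over the three situations the thread describes (no route and no NAT, no route with outbound NAT, static route without NAT). It shows why NAT "fixed" the connection at the cost of the original requester IP, and why the static route makes NAT unnecessary. All addresses are constructed for illustration; the thread leaves Remote Network and Local Network blank, so the 10.0.0.0/16 VPC, the 192.168.50.0/24 remote network and the pfSense address 10.0.0.10 are assumptions, as is the single-interface layout in which pfSense's WAN address is its VPC-side address.

```python
"""Route-lookup model for the IPsec-without-NAT problem in this thread.

Added example, not part of the original question or answer. Every address
below is a constructed assumption; the thread does not give the real ones.
"""
import ipaddress

# Constructed addresses (assumptions, not from the thread).
VPC_NET = ipaddress.ip_network("10.0.0.0/16")          # local network: the VPC behind pfSense
REMOTE_NET = ipaddress.ip_network("192.168.50.0/24")   # remote network behind the hardware appliance
PFSENSE = ipaddress.ip_address("10.0.0.10")            # pfSense's VPC-side (WAN) address
REMOTE_CLIENT = ipaddress.ip_address("192.168.50.25")  # remote host running wget
IGW = "igw"                                            # target of the VPC default route

# Route table consulted for the VPC servers' outbound traffic, before the fix:
# only the VPC's own prefix and a default route towards the internet gateway.
ROUTES_BEFORE = [
    (VPC_NET, "local"),
    (ipaddress.ip_network("0.0.0.0/0"), IGW),
]
# After the fix: a static route sending the remote network back to pfSense.
ROUTES_AFTER = ROUTES_BEFORE + [(REMOTE_NET, PFSENSE)]


def next_hop(routes, dst):
    """Longest-prefix match: the most specific prefix containing dst wins."""
    best = None
    for net, target in routes:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return None if best is None else best[1]


def simulate_request(routes, nat_to_pfsense):
    """One HTTP request from REMOTE_CLIENT through the tunnel to a VPC server,
    and the path the server's reply takes.

    nat_to_pfsense models pfSense's outbound NAT rewriting the source to its
    own (WAN) address before the packet enters the VPC.
    """
    server_sees = PFSENSE if nat_to_pfsense else REMOTE_CLIENT
    hop = next_hop(routes, server_sees)
    # The reply only gets back into the tunnel if it is handed to pfSense,
    # either directly (static route) or because pfSense itself was the
    # NATed source and is reachable on the local prefix.
    reaches_remote = hop == PFSENSE or (hop == "local" and server_sees == PFSENSE)
    return {
        "server_sees": str(server_sees),
        "reply_next_hop": str(hop),
        "reply_reaches_remote": reaches_remote,
        "original_ip_preserved": server_sees == REMOTE_CLIENT,
    }


if __name__ == "__main__":
    cases = [
        ("no static route, no NAT", ROUTES_BEFORE, False),
        ("no static route, outbound NAT", ROUTES_BEFORE, True),
        ("static route, no NAT", ROUTES_AFTER, False),
    ]
    for name, routes, nat in cases:
        print(name, simulate_request(routes, nat))
```

    Without the static route the reply to 192.168.50.25 matches only the default route and leaves via the internet gateway, which is why the packets appeared "not delivered or answered". Outbound NAT hides that by making pfSense the source, so the reply stays on the local prefix, but the server then logs pfSense's address instead of the requester's. The static route makes the remote prefix the most specific match, so replies go to pfSense and into the tunnel with the original source intact. One caveat the thread does not mention: on EC2, an instance that forwards traffic for addresses other than its own, as pfSense does here, also needs the source/destination check disabled on its network interface, or the forwarded packets are dropped.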

