Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nat between two site-to-site ipsecs

    Scheduled Pinned Locked Moved NAT
    1 Posts 1 Posters 379 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      badkarma
      last edited by

      Hello,

      I have two site-to-site ipsec tunnels A-B and B-C. I cannot change B-C tunnel, but I'd like to provide access A -> C - It doesn't have to be other way around. Is such scenario possible in pfsense 2.3.4p1?

      A - 10.0.0.0/24
      B - 20.0.0.0/24
      C - 30.0.0.0/24

      At A I was setting up ipsec with A-C phase 2 and on B C-A phase 2 with nat set to 20.0.0.9(virtual IP) (In B-C only those networks can be set up in phase 2 so what's why I was trying to src nat to that IP).

      At the best point I had "10.0.0.1 (20.0.0.9) -> 30.0.0.1" entry in state table, but I couldn't see any packages coming back.

      Could you give me any hints please?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.