4. Nat between two site-to-site ipsecs

Nat between two site-to-site ipsecs

  • B

    Hello,

    I have two site-to-site ipsec tunnels A-B and B-C. I cannot change B-C tunnel, but I'd like to provide access A -> C - It doesn't have to be other way around. Is such scenario possible in pfsense 2.3.4p1?

    A - 10.0.0.0/24
    B - 20.0.0.0/24
    C - 30.0.0.0/24

    At A I was setting up ipsec with A-C phase 2 and on B C-A phase 2 with nat set to 20.0.0.9(virtual IP) (In B-C only those networks can be set up in phase 2 so what's why I was trying to src nat to that IP).

    At the best point I had "10.0.0.1 (20.0.0.9) -> 30.0.0.1" entry in state table, but I couldn't see any packages coming back.

    Could you give me any hints please?

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy