Nat between two site-to-site ipsecs
-
Hello,
I have two site-to-site ipsec tunnels A-B and B-C. I cannot change B-C tunnel, but I'd like to provide access A -> C - It doesn't have to be other way around. Is such scenario possible in pfsense 2.3.4p1?
A - 10.0.0.0/24
B - 20.0.0.0/24
C - 30.0.0.0/24At A I was setting up ipsec with A-C phase 2 and on B C-A phase 2 with nat set to 20.0.0.9(virtual IP) (In B-C only those networks can be set up in phase 2 so what's why I was trying to src nat to that IP).
At the best point I had "10.0.0.1 (20.0.0.9) -> 30.0.0.1" entry in state table, but I couldn't see any packages coming back.
Could you give me any hints please?