Port Forwarding: Remote Client via IPSEC VPN - Port Forward to Pfsense LAN IP



  • Hello, I am having an IPSEC Port Forwarding Issue, any help appreciated!!

    • Normal: Internal LAN A IP - port forward to WAN - Works fine as you would expect

    • IPSEC Issue: Remote Client IP through IPSEC VPN - port forward to LAN A - doesn't work

    Image explains the issue:



  • Netgate

    I don't get it. 10.0.0.0/16 does not collide with 10.17.0.0/24.

    But what you are doing should work, I guess.

    Depends on what the rest of the firewall rules on that interface are, the IPsec traffic selectors, any policy routing in place, etc.



  • Yes, sorry I meant to put 10.0.0.0/8.

    In theory it should work, it's good to hear that someone else agrees. Here are some further details:

    Firewall Rules
    Are allow all on all interfaces for testing

    IP Traffic Selectors (see image).
    Only NAT is not configured, I don't need this, right?

    Policy Routing
    I have not done anything with routing policy. What would I need to do?

    Thanks,
    Ray



  • Netgate

    Well that doesn't work because 172.16.0.0/24 is not in the traffic selector. Port forwards translate the destination address, not the source address.