Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port forwarding to the VPN IPsec tunnel

    NAT
    3
    5
    1369
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lukaszc
      last edited by

      Hi,
      We have problem in port forwarding to the tunnel VPN IPsec.
      My configuration:

      pfsense1:
      IPsec with 192.168.50.0/24

      pfsense2:
      IPsec with 172.16.33.0/24

      In pfsense2 I add NAT rule on WAN interface with redirect destination port 3342 to ip 192.168.50.128, but it doesn't work.
      I think problem is in selectors in P2 in IPsec.
      It's possible NAT this redirect to IPsec tunnel?
      Thanks fo help.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        No. IPsec won't do that if you are port forwarding from arbitrary addresses. You don't get reply-to at the 192.168.50.128 side so replies will go out WAN instead of back across the IPsec tunnel.

        You can do that over an OpenVPN tunnel though.

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 1
        • L
          lukaszc
          last edited by

          Thanks for reply :)
          It really can't be done on pfsense? We have Fortigate in other location and this works fine with NAT.
          Maybe outbound NAT helps?
          WAN->Outbound NAT->IPsec
          I will also check the OpenVPN solution
          Thanks.

          1 Reply Last reply Reply Quote 0
          • L
            lukaszc
            last edited by

            OK - over an OpenVPN tunnel works fine - Thanks

            P 1 Reply Last reply Reply Quote 0
            • P
              Pernahajder @lukaszc
              last edited by

              @lukaszc
              Hi Lukaszc!
              How can you solve the problem over an OpenVPN?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post