1. Home
  2. pfSense® Software
  3. NAT
  4. Port forwarding to the VPN IPsec tunnel

Port forwarding to the VPN IPsec tunnel

  • L

    Hi,
    We have problem in port forwarding to the tunnel VPN IPsec.
    My configuration:

    pfsense1:
    IPsec with 192.168.50.0/24

    pfsense2:
    IPsec with 172.16.33.0/24

    In pfsense2 I add NAT rule on WAN interface with redirect destination port 3342 to ip 192.168.50.128, but it doesn't work.
    I think problem is in selectors in P2 in IPsec.
    It's possible NAT this redirect to IPsec tunnel?
    Thanks fo help.

    0
  • Derelict
    LAYER 8 Netgate

    No. IPsec won't do that if you are port forwarding from arbitrary addresses. You don't get reply-to at the 192.168.50.128 side so replies will go out WAN instead of back across the IPsec tunnel.

    You can do that over an OpenVPN tunnel though.

    1
  • L

    Thanks for reply :)
    It really can't be done on pfsense? We have Fortigate in other location and this works fine with NAT.
    Maybe outbound NAT helps?
    WAN->Outbound NAT->IPsec
    I will also check the OpenVPN solution
    Thanks.

    0
  • L

    OK - over an OpenVPN tunnel works fine - Thanks

    0 P 1 Reply
  • P

    @lukaszc
    Hi Lukaszc!
    How can you solve the problem over an OpenVPN?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy