4. Port forwarding to the VPN IPsec tunnel

Port forwarding to the VPN IPsec tunnel

  • L

    Hi,
    We have problem in port forwarding to the tunnel VPN IPsec.
    My configuration:

    pfsense1:
    IPsec with 192.168.50.0/24

    pfsense2:
    IPsec with 172.16.33.0/24

    In pfsense2 I add NAT rule on WAN interface with redirect destination port 3342 to ip 192.168.50.128, but it doesn't work.
    I think problem is in selectors in P2 in IPsec.
    It's possible NAT this redirect to IPsec tunnel?
    Thanks fo help.

    0
  • LAYER 8 Netgate

    No. IPsec won't do that if you are port forwarding from arbitrary addresses. You don't get reply-to at the 192.168.50.128 side so replies will go out WAN instead of back across the IPsec tunnel.

    You can do that over an OpenVPN tunnel though.

    1
  • L

    Thanks for reply :)
    It really can't be done on pfsense? We have Fortigate in other location and this works fine with NAT.
    Maybe outbound NAT helps?
    WAN->Outbound NAT->IPsec
    I will also check the OpenVPN solution
    Thanks.

    0
  • L

    OK - over an OpenVPN tunnel works fine - Thanks

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy