Port forwarding to the VPN IPsec tunnel
We have problem in port forwarding to the tunnel VPN IPsec.
IPsec with 192.168.50.0/24
IPsec with 172.16.33.0/24
In pfsense2 I add NAT rule on WAN interface with redirect destination port 3342 to ip 192.168.50.128, but it doesn't work.
I think problem is in selectors in P2 in IPsec.
It's possible NAT this redirect to IPsec tunnel?
Thanks fo help.
No. IPsec won't do that if you are port forwarding from arbitrary addresses. You don't get reply-to at the 192.168.50.128 side so replies will go out WAN instead of back across the IPsec tunnel.
You can do that over an OpenVPN tunnel though.
Thanks for reply :)
It really can't be done on pfsense? We have Fortigate in other location and this works fine with NAT.
Maybe outbound NAT helps?
I will also check the OpenVPN solution
OK - over an OpenVPN tunnel works fine - Thanks
How can you solve the problem over an OpenVPN?