IPSec and Port Forward



  • I have a use case where I need traffic coming IN from an IPSec tunnel to be port forwarded to another IP Address outside the IP addressing of the pfSense appliance.

    An example is:

    (remote network) 10.1.0.0/24 -> IPSec -> 172.17.0.0/24 (local network)

    172.17.0.1 isn't connected to the pfSense appliance, but I'd like it to be remapped to a different IP address if traffic from the remote network is trying to access a specific port, like 8000 on 172.17.0.1. Ideally I'd map that port to be any IP address (even an internet endpoint if need be).

    I used to do this with a Sophos UTM and it could do the above, but I want to be able to achieve this for pfSense too.

    Is something like this possible with outbound NAT or port forwarding? Maybe I could use load balancing to achieve this?

    I have tried quite a few different NAT rules but have had no luck. Any help would be appreciated!

    Thanks
    Mark

