IPSec to IP Alias port forward
Hi all,
I'm 99% sure this is not going to work as intended, but I have the following scenario.
VPN where remote side is sourcing traffic via PAT with a public address. Our side is also presenting a public address, but configured as an IP Alias within a management network. P2 settings have these publics as the remote and local network address respectively.
On the management interface, we've created a couple of port forwards with our public as the destination, and a real IP/port within the management network as the back end target.
Traffic to the back end is seen and returned to the pfSense device as expected, but then blackholes there. From the perspective of IPSec, the source is not seen as the public at this point, but the real IP of our back end server, and thus gets dropped.
Our overall intent here is to have this public IP used with several port forwards on varying ports to devices both local to this pfSense as well as remote from it.
The question is how best to configure the pfSense to properly return the traffic, if this is even possible.
To be clear, we're not port forwarding through/to the tunnel, rather after the tunnel on one side of it.