VPN behind ADSL Modem/Router

  • Good day all,

    I have a couple of questions about how IPsec works and how to set it up in an abnormal way.

    First, the setup:
    I am having to deal with an ADSL router/modem that doesn't have bridging mode. I have my pfSense box behind that. The pfSense box receives a private IP from the DSL modem/router. The rest of my network is behind the pfSense box. I have ports 2-5000 forwarded from the modem to the pfSense box. I would like to establish an endpoint-to-endpoint IPsec VPN connection from my pfSense box to an external network (external network has a public address).

    The questions,
    Is an endpoint-to-endpoint IPsec tunnel even possible without a public address? If so, how do you specify the pfSense box on the first network? Is it just a matter of forwarding the IPsec ports to the pfSense box? This is an issue I have never experimented with and will have a hard time working since the other endpoint is in a different country.

    Thank you for your help,

  • Is there an option in the ADSL modem/router interface to place pfSense in a DMZ? That would probably be the easiest solution.

  • What kind of modem are you trying to use? pfSense has a built-in PPPoE client, so if you can bridge the device it will work.

    You would need pfSense 1.2.3, which supports Dynamic DNS tunnels. So you would be in good shape.

  • Thanks guys,

    There is no DMZ option.

    If I'm understanding right, you're suggesting setting up a dynamic address from DynDNS (or the like) to my network. I already have that working. The DNS will point to the DSL router/modem. My question is how do I direct the tunnel to the pfSense box. The pfSense box is receiving a private IP from the DSL router/modem.

    Thank you both for your help,

  • I have 3 Dynamic DNS VPN client VPN tunnels, no issues.

