Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VPN behind ADSL Modem/Router

    Scheduled Pinned Locked Moved IPsec
    5 Posts 3 Posters 5.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Good day all,

      I have a couple questions about how ipsec works and how to set it up in an abnormal way.

      First, the setup:
      I am having to deal with an ADSL router/modem that doesn't have bridging mode.  I have my pfsense box behind that.  The pfsense box receives a private IP from the dsl modem/router.  The rest of my network is behind the pfsense box.  I have ports 2-5000 forwarded from the modem to the pfsense box.  I would like to establish a endpoint to endpoint IPSEC VPN connection from my pfsense box to an external network (external network has a public address).

      The questions,
      Is an endpoint to endpoint ipsec tunnel even possible without a public address?  If so, how do you specify the pfsense box on the first network?  Is it just a matter of forwarding the IPSEC ports to the pfsense box?  This is an issue I have never experimented with and will have have a hard time working since the other endpoint is in a different country.

      Thank you for your help,
      -V

      1 Reply Last reply Reply Quote 0
      • K
        ktims
        last edited by

        Is there an option in the ADSL modem/router interface to place pfSense in a DMZ? That would probably be the easiest solution.

        1 Reply Last reply Reply Quote 0
        • F
          fastcon68
          last edited by

          What kinda of modem are you trying to use?  PF-Sense has a built in PPPOE client, so if you can bridge the device it will work.

          You would need pf-sense 1.2.3 that supports Dynamic DNS tunnels.  So you would be in good shape.
          RC

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            Thanks guys,

            There is no DMZ option.

            If I'm understanding right.  Your suggesting set up a dynamic address from dyndns (or the like) to my network.  I already have that working.  The dns will point to the DSL Router/modem.  My question is how do I direct the tunnel to the pfsense box.  The pfsense box is receiving a private IP from the DSL Router/Modem.

            Thank you both for your help,
            -V

            1 Reply Last reply Reply Quote 0
            • F
              fastcon68
              last edited by

              I have 3 Dynamic DNS VPN client VPN's tunnels no issues.
              RC

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.