How to portforward over ipsec vpn
-
I successfully set up an IPsec VPN using this guide https://www.youtube.com/watch?v=-GrWSnKnwgU with:
SiteA
LAN 10.0.0.1
Lan 2
Lan 3
SiteB
Lan1
Lan 2 192.168.2.1
Lan 3
I want incoming connections on siteA:766 to be port forwarded to 192.168.2.100:766 over the IPsec tunnel.
Preferably I also want Lan 3 and Lan 1 to be able to access 10.0.0.1 without adding extra IPsec configuration but using outbound NAT.
It's been very hard to set this up and I'm stuck, I tried so many things.
Any help will be highly appreciated.
-
@arrcy said in How to portforward over ipsec vpn:
I want incoming connections on siteA:766
to be port forwarded to 192.168.2.100:766 over the IPsec tunnel
Across a policy-based IPSec, this is only going to work if you either do masquerading on site B LAN2 with an outbound NAT rule or if you route the whole upstream traffic from B over A. The latter might not be desirable, I guess; the former has the drawback that you lose the information about the origin source IP.
It would work without these limitations with any other kind of VPN: routed IPSec, OpenVPN, WireGuard.
preferably I also want Lan 3 and Lan 1 to be able to access
10.0.0.1 without adding extra IPsec configuration but using
outbound NAT
Just add a phase 2 for each subnet pair you want to connect.
LAN1 <> 10.0.0.0/24
LAN3 <> 10.0.0.0/24
Remember that you have to add these p2 with exchanged local - remote networks.
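The selector logic discussed in the reply above, as an added example that is not part of the thread or of pfSense: it checks that every phase 2 on one site has a swapped local/remote counterpart on the other, and whether a forwarded packet matches any phase 2 selector at all. Assumptions: a /24 around 192.168.2.1, placeholder subnets for LAN1 and LAN3, a constructed internet client address, and 10.0.0.1 as the translated source.

```python
import ipaddress as ip

def net(s):
    return ip.ip_network(s)

# Constructed phase 2 tables as (local, remote). 10.0.0.0/24 is from the thread;
# 192.168.2.0/24 assumes a /24 around 192.168.2.1; LAN1/LAN3 subnets are placeholders.
SITE_A_P2 = [
    (net("10.0.0.0/24"), net("192.168.2.0/24")),
    (net("10.0.0.0/24"), net("192.168.1.0/24")),
    (net("10.0.0.0/24"), net("192.168.3.0/24")),
]
SITE_B_P2 = [
    (net("192.168.2.0/24"), net("10.0.0.0/24")),
    (net("192.168.1.0/24"), net("10.0.0.0/24")),
    # LAN3 entry deliberately left out to exercise the mirror check
]

def unmirrored(side_a, side_b):
    """Return entries of side_a that have no swapped (remote, local) entry on side_b."""
    mirrored = {(remote, local) for local, remote in side_b}
    return [p2 for p2 in side_a if p2 not in mirrored]

def matches_tunnel(p2_table, src, dst):
    """True if a packet leaving this site matches some phase 2 selector."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return any(s in local and d in remote for local, remote in p2_table)

def forward_cases(p2_table):
    """Evaluate the forwarded connection from site A under three setups."""
    client = "203.0.113.50"   # constructed internet client (TEST-NET-3)
    server = "192.168.2.100"  # port-forward target from the thread
    wide = p2_table + [(net("0.0.0.0/0"), net("192.168.2.0/24"))]
    return {
        # Source untouched: no LAN <> LAN selector covers an internet address.
        "original_source": matches_tunnel(p2_table, client, server),
        # Source rewritten to an address inside a selector (origin IP is lost).
        "translated_source": matches_tunnel(p2_table, "10.0.0.1", server),
        # Selector widened to 0.0.0.0/0, i.e. all of B's upstream goes via A.
        "wide_selector": matches_tunnel(wide, client, server),
    }

if __name__ == "__main__":
    print("missing on site B:", unmirrored(SITE_A_P2, SITE_B_P2))
    print(forward_cases(SITE_A_P2))
```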