How to pass client IP through a PPPoE / bridge?
-
Hi all,
I have a pfSense box with 3 interfaces - LAN, WAN, VPN. The WAN is a PPPoE internet connection and the VPN is a PPPoE private VPN service back to our head office FW.
Because we want the LAN network to be essentially on the head office network, I have bridged the VPN and LAN interfaces to create a free flow of the traffic between them.
The one problem with this is that NAT obscures the client IP address. For example, let's say LAN is 192.168.1.0/24 and that the PPPoE VPN connection is getting an IP of 192.168.254.1.
When a client, 192.168.1.60, sends data through to the head office FW, the data is seen as coming from 192.168.254.1, not 192.168.1.60.
This makes implementing client specific rules on the head office FW impossible.
Is there any way to set up pfSense so it doesn't NAT/obscure the client IP addresses when sending over the VPN connection?
Thanks very much all :)
-
Just an update to this for anyone having the same problem.
Ended up disabling NAT on the PPPoE VPN interface and it's now passing the client IPs straight through.
More info at the wiki: http://doc.pfsense.org/index.php/How_can_I_completely_disable_NAT%3F#Disable_NAT