Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec forwarding from one subnet to another

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jdmabry
      last edited by

      Hi, we replaced our ASA with PfSense about 4 months ago and, so far, everything has been great! At the time of installation I had only used PfSense on my home network, so I haven't had much time with the system. Here's the problem I'm running into right now.

      We have a company that needs a site-to-site to access one of our servers to perform a maintenance on one of our server. The servers IP is 172.16.1.12. The company is already using this subnet in their ASA so they asked me to use 10.225.1.0/24 and forward that traffic to our server (172.16.1.12). I setup the VPN tunnel and it comes up, however it doesn't ping.

      I have created a 1:1 NAT rule that looks like this:

      I have also swapped the external IP to their internal subnet (198.140.232.0/24) which didn't work either.

      Next I tried creating a IPsec rule using their internal subnet to the "dummy" subnet.

      Here's the log:

      I don't know what else to do, as I've never dealt with something like this before on PfSense. Thanks for any help you can provide.  ???

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        That's only possible in 2.1, using the NAT defined within the P2.

        1 Reply Last reply Reply Quote 0
        • J
          jdmabry
          last edited by

          @cmb:

          That's only possible in 2.1, using the NAT defined within the P2.

          Well that would explain why I couldn't get it to work. Thanks for the info!

          How stable is 2.1?

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            Very stable

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.