IPSec forwarding from one subnet to another



  • Hi, we replaced our ASA with pfSense about 4 months ago and, so far, everything has been great! At the time of installation I had only used pfSense on my home network, so I haven't had much time with the system. Here's the problem I'm running into right now.

    We have a company that needs a site-to-site to access one of our servers to perform maintenance on it. The server's IP is 172.16.1.12. The company is already using this subnet in their ASA, so they asked me to use 10.225.1.0/24 and forward that traffic to our server (172.16.1.12). I set up the VPN tunnel and it comes up; however, it doesn't ping.

    I have created a 1:1 NAT rule that looks like this:

    I have also swapped the external IP to their internal subnet (198.140.232.0/24) which didn't work either.

    Next I tried creating an IPsec rule using their internal subnet to the "dummy" subnet.

    Here's the log:

    I don't know what else to do, as I've never dealt with something like this before on pfSense. Thanks for any help you can provide.



  • That's only possible in 2.1, using the NAT defined within the P2.



  • @cmb:

    That's only possible in 2.1, using the NAT defined within the P2.

    Well that would explain why I couldn't get it to work. Thanks for the info!

    How stable is 2.1?



  • Very stable

