Port Forwarding (SMTP) through IPSec VPN possible?
-
Hello,
currently we have the question if a port forwarding (inbound NAT) can be done through an existing site2site VPN-tunnel?
The situation is that we have two pfsense boxes (one is v1.2.3 and one is 2.0.3) which both have only a WAN and a LAN interface.
Additionally they are connected via a permanent site2site VPN (IPSEC!) which is totally transparent regarding the firewall rules.
So all traffic can go back an forth through the vpn between the two pfsense boxes.Now we want to forward port 25 TCP from WAN interface of box A to a LAN-IP behind box B, like this:
–->WAN-Traffic on Port 25 TCP ---> WAN----PFSENSE-A----LAN WAN----PFSENSE-B----LAN ------->Port 25 TCP ------> Server in LAN B
| |
| |
------------>------------IPSEC-VPN----------->-------------I testet it with a NAT-Rule on WAN-Interface in pfSense A but with no luck.
Can this be done with pfSense?
What needs to be done for this?I read an article about doing this with OpenVPN which should eventually work but we are completely on IPSec in our company.
Thanks guys! :)
-
Is there a server / client relationship here where the mail server is in one of those two networks?
-
Not really what you asked for, but I wonder If this wouldn't get your mail where you want to forward it to? Not sure.
postfix
http://forum.pfsense.org/index.php/topic,40622.0.htmlIn packages:
Postfix mail forwarder acts as a relay server for your domain.
It can do first and second line antispam combat before sending incoming mail to local mail servers.
Postfix can also detect zombies, check RBLS, SPF, seach ldap for valid recipients and use third part antispam engines like policyd and mailscanner for better antispam solution.