Site2Site Forward a Port from WAN to S2S Network
-
Hello, i followed this Guide http://forum.pfsense.org/index.php/topic,12888.0.html
To set up a Site connection between my Rootserver (pfsense) and my Homeserver (also pfsense) both pfsense 2.0 latest release
Home Network 192.168.10.0/24
Server LAN Network 192.168.11.0/24
OPENVPN Server Network 192.168.12.0/24 (On the Rootserver)
Server WAN IP: xx.xx.xx.xxWhat i try is to forward a Port from the WAN Interface to a Device in the Site-to-Site network..
e.g. a Webserver on 192.168.10.1 Port 80..What i (newbie) did, was just creating a port forwarding from the wan Interface to the destination 192.168.10.1 port 80.. does not work…
before i started creating a site-to-site network, i created just a remote access vpn with the setting all traffic via default gw... and i tried the same, and it worked, i could forward a port to that client... Of course was it working, because the client was knowing the way back.
I saw many many threads where people answered but only with iptables commands.
How can i do the same like e.g.
http://efreedom.com/Question/2-113680/Route-Specific-HTTP-Requests-PfSense-OpenVPN
and this one http://unix.stackexchange.com/questions/55791/port-forward-to-vpn-client
But how to do that with the gui on pfsense? Is it possible?
WAN IP + PORT -> Rootserver- OpenVPN- Server - OpenVPN Client- Site-to-site network - device in s2s network+Port
Maybe its only possible with Pfsense 2.1
Another Guy in this post got maybe the same problem but maybe other circumstances
http://forum.pfsense.org/index.php/topic,57970.0.html
To make it easier to understand: All i want is to access a webserver on a Device on the Site-To-Site Network on the Client side from the external WAN Adress of the server site.
-
Hello. Just wondering if you ever found a solutions for this. I am trying to do the same thing with no luck…
-
without seeing your exact setup i can't give you exact answer but from what i can tell i see it this way:
on first pfsense you allow incoming traffic on needed port
then i believe the other site is a VPN client to pfsense on the first site, so you setup forwarding rule to forward traffic from WAN interface to IP address of of the VPN interface of the other siteon the other side, setup rule allowing incoming traffic on that particular port
after this one more rule, setup forwarding from VPN interface to internal ip address of the server on the other sideHope this helps
-
Hi kallii.
I am not sure I fully understand what you are asking me to do…
But it sounds like you are saying to setup a route FROM the VPN interface to the server...
So, example would be...
Site A:
External IP: 60.50.40.30 & 60.50.40.31 & 60.50.40.32 (Have 3 External IP Addresses)
Internal IP: 10.40.163.XXX
Tunnel Network: 192.168.2.0Site B:
External IP: 80.70.60.40
Internal IP: 10.40.162.XXX
Tunnel Network: 192.168.2.0Then I would create a forward from 162.168.2.XX to 10.40.162.XXX right? But, lets say I want 2 servers on the VPN Client side...
If you go to http://60.50.40.30 I want it to point to 10.40.162.10
If you go to http://60.50.40.31 I want it to point to 10.40.162.11Is this possible?
Thanks!