    IPSec VPN - NAT to DMZ host

    • StefanK

      Hi,

      I'm fairly new to pfSense but got most of the stuff I need working.
      Now 1 item is giving me a headache and I hope someone can help.

      I've got a VPN from Home (Cisco cable modem with IPSec) to my Office (pfSense 2.1), which is working.
      At the Office, I've got a LAN and DMZ configured.
      Locally at the Office everything works; I made a NAT rule from LAN to DMZ, which is working.
      Now, the problem is that the NAT rule does not work over VPN; I cannot access the server in my DMZ over VPN.

      I tried to create a 2nd NAT rule on the IPSec interface but that won't fix the problem (I checked the firewall rules, they are created fine and the same works for the NAT rule from LAN to DMZ).

      So basically, what it comes down to, this works:
      LAN 192.168.137.x NAT rule for 192.168.137.200 to 192.168.22.50 (DMZ)

      What I need is this:
      IPSec Home -> Office LAN NAT > DMZ

      • mattb253

        You may need to add a second phase 2 entry for your IPsec tunnel that enables routing to that subnet.

        Screenshots of your IPsec configuration from the pfSense side?
