Tunnel ipsec via Watchguard
Hi. I'm a new user. I want to close an Ipsec tunnel on a pfsenseA (rel.2.1) behind a firewall Watchguard (WG).
The WG has an public ip x.x.x.a and a lan ip like 192.168.1.100
The pfsenseA has two interface : wan with ip 192.168.1.1 and gateway 192.168.1.100 (the WG), lan with 10.0.0.1
On the other side I've a pfsenseB with two interfaces : wan with a public ip y.y.y.b and lan with 126.96.36.199
I want to create a tunnel between pfsenseA and pfsenseB
So a pc of lanA with gateway 10.0.0.1 can use a service on lanB 188.8.131.52
Is it possible ? How ?
Thank you very much.
For other user : SNAT the public ip of the WG with 3 policies : one for ESP, one for UDP 500 and one (optional) for UDP 4500.
Don't use the "ipsec" policy with SNAT becouse it doesn't work. Then allow "any" protocol and "any" port from the Wan of the pfsenseA (192.168.1.1) to "any" server.
Ah, if you use another public ip don't remember to create a 1:1 NAT on the WG !!!!