Tunnel ipsec via Watchguard

  • Hi. I'm a new user. I want to close an Ipsec tunnel on a pfsenseA (rel.2.1) behind a firewall Watchguard (WG).
    The WG has an public ip x.x.x.a and a lan ip like
    The pfsenseA has two interface : wan with ip and gateway (the WG), lan with
    On the other side I've a pfsenseB with two interfaces : wan with a public ip y.y.y.b and lan with
    I want to create a tunnel between pfsenseA and pfsenseB
    So a pc of lanA with gateway can use a service on lanB
    Is it possible ? How ?
    Thank you very much.

  • Resolved.
    For other user : SNAT the public ip of the WG with 3 policies : one for ESP, one for UDP 500 and one (optional) for UDP 4500.
    Don't use the "ipsec" policy with SNAT becouse it doesn't work. Then allow "any" protocol and "any" port from the Wan of the pfsenseA ( to "any"  server.
    .. Bye

  • Ah, if you use another public ip don't remember to create a 1:1 NAT on the WG !!!!

Log in to reply