One Nic install for VPN



  • Hi all,

    I've got a setup (simplified) as follows…
    Interweb <---->Router<------>Pfsense
                                        <------>other PC

    I've got an IPSec VPN up and connecting, which is great. Despite a lot of googling and trial and error, I can't solve the routing so that the VPN client can connect to "Other PC".

    -outbound NAT on auto
    -Firewall > rules > IPSec - rule created from * to * passes

    In a way, I think I'm looking to bind IpSec back to the Wan - as this is a single nic installation. Has anyone got any ideas???



  • As long as the "other PC" has either its default gateway or a route set to the pfSense you should be good to go.

    Also might be worth checking your firewall rules on the IPsec interface on the pfSense.



  • PFSense's only got one nic though, I don't think you can use a wan-designated port as a gateway?



  • I've done it with OpenVPN, the pfSense had one NIC and initiated the tunnel. Any client that needed to traverse the tunnel either had its default gateway set or had a route added to it. I don't see it working any differently with IPsec.



  • As per diagram above, I'm connecting from a remote client (192.168.1.0/24) to pfsense, which is on 192.168.0.0/24.

    The router pfsense is behind is 192.168.0.2. Also, ipsec client will be 192.168.99.0/24.

    Added a rule on that router (192.168.0.2) for anything 192.168.99.0/24 directs towards pfsense (192.168.0.110).

    Still, the VPN client (192.168.1.137 or virtually 192.168.99.1) cannot access anything on the other side of the tunnel, nor can a PC on the 192.168.0.0/24 network ping the client. Only concerned about the former though.

    Looks like it'll be a long weekend…
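
The return-path question discussed in this thread, as an added example that is not part of any post: a small longest-prefix-match model that traces where a reply from "other PC" to the VPN client goes under each routing setup mentioned above. The router, pfSense and VPN client addresses are the ones given in the thread; the other PC's address (192.168.0.50), the `router-wan-upstream` placeholder and all function names are assumptions made for the illustration.

```python
import ipaddress

ROUTER, PFSENSE = "192.168.0.2", "192.168.0.110"  # from the thread
VPN_CLIENT = "192.168.99.1"                        # virtual address from the thread
OTHER_PC = "192.168.0.50"                          # constructed address
WAN = "router-wan-upstream"                        # placeholder for the router's ISP side

def net(cidr):
    return ipaddress.ip_network(cidr)

def build_tables(router_vpn_route, pc_vpn_route):
    """Per-host routing tables as (network, gateway); gateway None = deliver directly."""
    lan, vpn, default = net("192.168.0.0/24"), net("192.168.99.0/24"), net("0.0.0.0/0")
    tables = {
        OTHER_PC: [(lan, None), (default, ROUTER)],
        ROUTER: [(lan, None), (default, WAN)],
        # Single-NIC pfSense: LAN is on-link, the VPN pool is handed to the tunnel.
        PFSENSE: [(lan, None), (vpn, None), (default, ROUTER)],
    }
    if router_vpn_route:   # static route on the upstream router
        tables[ROUTER].append((vpn, PFSENSE))
    if pc_vpn_route:       # route added on the PC itself
        tables[OTHER_PC].append((vpn, PFSENSE))
    return tables

def next_hop(table, dst):
    """Longest-prefix match, the way an IP stack picks a route."""
    matches = [(n, gw) for n, gw in table if ipaddress.ip_address(dst) in n]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, src, dst, max_hops=8):
    """Follow a packet from src towards dst and return the hops it visits."""
    path, node = [src], src
    for _ in range(max_hops):
        gw = next_hop(tables[node], dst)
        if gw is None:          # destination is reached from this hop
            return path + [dst]
        path.append(gw)
        if gw not in tables:    # packet left the modelled network
            return path
        node = gw
    raise RuntimeError("routing loop")

if __name__ == "__main__":
    for router_route, pc_route in [(False, False), (True, False), (False, True)]:
        tables = build_tables(router_route, pc_route)
        print(router_route, pc_route, " -> ".join(trace(tables, OTHER_PC, VPN_CLIENT)))
```

With neither route in place the reply leaves via the router's WAN side; with only the router's static route it is relayed back across the same LAN to pfSense, so any filtering or redirect behaviour on that router sits in the return path.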

