One NIC install for VPN
I've got a setup (simplified) as follows…
I've got an IPSec VPN up and connecting, which is great. Despite a lot of googling and trial and error, I can't solve the routing so that the VPN client can connect to "Other PC".
- Outbound NAT on auto
- Firewall > Rules > IPsec - rule created from * to * passes
In a way, I think I'm looking to bind IPsec back to the WAN - as this is a single NIC installation. Has anyone got any ideas???
As long as the "other PC" has either its default gateway or a route set to the pfSense, you should be good to go.
Also might be worth checking your firewall rules on the IPsec interface on the pfSense.
pfSense's only got one NIC though, I don't think you can use a WAN-designated port as a gateway?
I've done it with OpenVPN, the pfSense had one NIC and initiated the tunnel. Any client that needed to traverse the tunnel either had its default gateway set or had a route added to it. I don't see it working any differently with IPsec.
As per diagram above, I'm connecting from a remote client (192.168.1.0/24) to pfSense, which is on 192.168.0.0/24.
The router pfSense is behind is 192.168.0.2. Also, IPsec client will be 192.168.99.0/24.
Added a rule on that router (192.168.0.2) for anything 192.168.99.0/24 directs towards pfSense (192.168.0.110).
Still, the VPN client (192.168.1.137 or virtually 192.168.99.1) cannot access anything on the other side of the tunnel, nor can a PC on the 192.168.0.0/24 network ping the client. Only concerned about the former though.
Looks like it'll be a long weekend…
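
The return-path condition discussed in this thread (replies from "Other PC" to the VPN subnet must be routed back to the single-NIC pfSense), as an added example that is not part of the original posts. It walks constructed routing tables hop by hop with a longest-prefix match; the Other PC address 192.168.0.50, the upstream gateway 203.0.113.1 and the scenario names are assumptions, the remaining addresses are from the thread.

```python
import ipaddress

# Addresses from the thread; OTHER_PC and UPSTREAM are constructed placeholders.
ROUTER, PFSENSE, VPN_CLIENT = "192.168.0.2", "192.168.0.110", "192.168.99.1"
OTHER_PC, UPSTREAM = "192.168.0.50", "203.0.113.1"

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs; None if nothing matches."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None

def return_path(tables, start, dst, vpn_gateway, max_hops=8):
    """Follow a reply from start toward dst; report whether it reaches vpn_gateway."""
    hops = [start]
    while len(hops) <= max_hops:
        if hops[-1] == vpn_gateway:
            return True, hops
        gw = next_hop(tables.get(hops[-1], []), dst)
        if gw is None:  # no matching route, or a hop whose table we do not know
            return False, hops
        hops.append(gw)
    return False, hops  # routing loop

DEFAULT_VIA_ROUTER = ("0.0.0.0/0", ROUTER)
VPN_VIA_PFSENSE = ("192.168.99.0/24", PFSENSE)

# Constructed routing tables, keyed by the host that owns them.
SCENARIOS = {
    # Nobody on the LAN knows where 192.168.99.0/24 lives.
    "none": {OTHER_PC: [DEFAULT_VIA_ROUTER], ROUTER: [("0.0.0.0/0", UPSTREAM)]},
    # Static route added on the router, default gateway unchanged on Other PC.
    "router": {OTHER_PC: [DEFAULT_VIA_ROUTER],
               ROUTER: [("0.0.0.0/0", UPSTREAM), VPN_VIA_PFSENSE]},
    # Static route added on Other PC itself.
    "host": {OTHER_PC: [DEFAULT_VIA_ROUTER, VPN_VIA_PFSENSE]},
}

def check(name):
    """Trace a reply from Other PC to the VPN client in the named scenario."""
    return return_path(SCENARIOS[name], OTHER_PC, VPN_CLIENT, PFSENSE)

if __name__ == "__main__":
    for name in SCENARIOS:
        ok, hops = check(name)
        print(f"{'OK  ' if ok else 'LOST'} {name}: {' -> '.join(hops)}")
```

In the "router" scenario the reply reaches pfSense only by way of 192.168.0.2, so requests and replies take different paths across the LAN. The model covers routing tables only, not firewall rules or the IPsec tunnel's own traffic selectors.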