Route traffic between multi IPsec tunnel with NAT

  • Hello, I am trying to use multi-site pfSense for a client.
    We can see the architecture as below:

    Client ===> Pfsense client ==> pfsense server ==> windows server

    I have created 2 IPsec tunnels between:
    • pfSense client and pfSense server
    • pfSense server and Windows server

    The 2 IPsec tunnels are working. But we need the Client to communicate with the Windows Server through the 2 IPsec tunnels.
    I am looking for a way to route the traffic between the Client and the Windows Server. I have currently tested adding multiple phase 2 entries between the different tunnels, with no success.
    Right now I am trying to test NAT BINAT with NAT 1:1. But we don't understand how it works. It seems that it could be possible to NAT above the IPsec.

    Thanks to all for any answer.


