Problem with VPN

gio79

Hello to all

I have a problem with my … PfSense attached the image of my situation, in this image are the various IP addresses that I have indicated with different letters for not essereci confusion ...
my problem is that the various VPN must be handled by the firewall hold

So how should I set up my PfSense for the traffic that comes from the VPN and VPN management steps remain to hold the firewall?

Thanks to all

viragomann

You cannot not express IP addresses in letters! Not that way you did.
In your map a.b.c.d is in the same subnet as s.d.f.g??? What is the network mask? 0 or a???
You may replace the subnets with others, but always one certain net with the same other.

Furthermore is your description incomplete.
Which kind of VPN is it?
Is the pfSense in bridge mode or does it NAT?
Only one WAN IP or more?

gio79

Hello I redid the pattern by changing the position between PfSense - Hold Firewall

I also put the various IP addresses

What do you mean "Which kind of VPN is it?"

It only has a WAN IP

PFSense NAT ago

Hello and thank you

viragomann

Now you have a NAT Router in front of your firewall an you doing NAT three times in series. With this setup it's not easy to access your LAN, since the VPN is terminated on hold and there is a further NAT level between it an LAN.

Why don't you switch pfSense and your internet router in bridge mode? At least pfSense.
For the internet router otherwise you have to pass through VPN to hold.

gio79

Hello thanks for the advice

I wanted to ask if imposed PfSense in bridge mode, I can apply the same firewall rules, such as the IP block, DNS Forwarder etc?

thanks

viragomann

I wanted to ask if imposed PfSense in bridge mode, I can apply the same firewall rules, such as the IP block, DNS Forwarder etc?

Yes, as far as I know. But I don't use it in my environment.
The logical difference is, you have no NAT and DHCP.