1:1 NAT / Port Forward Over Site-Site VPN

NAT
Log in to reply
  • T

    I have been having trouble to achieve the following.

    Site A:
    WAN IP: 1.1.1.1 (1.1.1.2 - 1.1.1.4)
    LAN IP: 10.10.10.1

    Site B:
    WAN IP: 2.2.2.2
    LAN IP: 10.10.20.1

    Site A and Site B has been setup with IPSec

    is it possible, that I can forward the traffic going to Site A (1.1.1.2) to a server inside Site B (eg. 10.10.20.55)

    Internet –> (Site A) 1.1.1.2 --> (Site B) 10.10.20.55

    0
  • jimp
    Rebel Alliance Developer Netgate

    That isn't possible with IPsec, unless on the Phase 2, the site A side is defined as 0.0.0.0/0 to send all traffic back over IPsec (at least from a source of 10.10.20.55)

    It's possible with OpenVPN and has been described several times around the forum and mailing list. It requires assigning the OpenVPN interface and moving some rules around but it works fine.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy