Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT Over IPSEC ( How to use your neighbor ipsecs WAN address when you browse ? )

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 844 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      phnielsen
      last edited by

      Hello PfSense people!

      I'm wondering if such a solution is possible?

      My Germany VM's behind pfsense MAY not be shown as 20.20.20.20 when they connect to the internet.
      I want all my Germany servers to communicate in and out via IPSEC and out on the internet on 10.10.10.10 in France.

      Is this possible? I'm running PfSense version 2.1.4 in Germany, and 2.1.3 in France.

      Attached Picture.

      Good summer to you all!

      ![Network example.png](/public/imported_attachments/1/Network example.png)
      ![Network example.png_thumb](/public/imported_attachments/1/Network example.png_thumb)

      1 Reply Last reply Reply Quote 0
      • D
        divsys
        last edited by

        Just trying to understand your scenario, are you talking about the public WAN address of the German pfSense possibly changing (due to ISP, or whatever)?  If so, you might want to simply implement some kind of Dynamic DNS (could be done for both France and Germany).

        If this isn't what you mean, please explain the situation further.

        -jfp

        1 Reply Last reply Reply Quote 0
        • P
          phnielsen
          last edited by

          Hello Divsys!

          Thank you for your reply!

          Well the scanario is that, I want all my trafic in Germany to go in and out from my france WAN.

          In france I do have a DDOS protection, which I want my clients in Germany want to benefit of.

          The datacenter in Germany doesn't provide any ddos protection at the moment, which results in many null routes daily.

          So right now it's important for me to make ALL communication in germany over the IPSEC and use France WAN for communication.

          I'm also wondering if it will be possible to Port forward on France PfSense, to my Germany LAN side?

          I hope this is well enough explained.

          Thank you once again for your reply!

          Regards
          Phil

          1 Reply Last reply Reply Quote 0
          • D
            divsys
            last edited by

            Thanks for the explanation.  I would hazard a guess that you should be able to redirect all internet traffic from the Germany LAN through the IPSEC.

            Unfortunately this is well outside my expert zone (if I even have one).

            Hopefully someone else can chime in with some pointers in the right direction.

            -jfp

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.