IPsec routing with Virtual IP - Need help

umuzidan · Dec 9, 2014, 10:04 PM

Ok I'll give you the low down here and need some assistance on how to configure pfSense correctly. At this moment, I have some items configured but can't seem to get through with traceroute.

Real LAN: 172.30.0.0/20
Virtual IP: 211.94.93.165/32
My Public IP for IP sec tunnel: 1.1.1.1
Customer's Public IP for IPsec tunnel: 2.2.2.2
Customer's Internal IP which I need to access: 10.120.116.244

All data from the 172.30.0.0/20 subnet which is destined for 10.120.116.244/32 should be routed to the Virtual IP of 211.94.93.165. The Virtual IP should NAT all data outbound to the IPsec tunnel so the customer only see's data coming from 211.94.93.165.

At the current moment, the IPsec tunnel is up and connected. What isn't working, for starters, is a traceroute from a computer on the Real LAN. If I run tracert 10.120.116.244, the first hop is still 172.30.0.1 (router). I even created a route add for the PC to make 211.94.93.165 the gateway for all data destined for 10.120.116.244/32

Can anyone please help?

umuzidan · Dec 30, 2014, 10:32 AM

Can anyone please help?