IPSec setup in a strange network environment

  • Hi All,

    I have a client who has recently put in a new internet service.  The external facing part of this service is managed by the telco, and we have no control of it.
    The layout is this

    WAN IP Address : 101.178.17x.x
    This IP terminates on a Cisco router (which we have no control over - it is fully Telco managed)

    This device has IP
    Our pfsense VM is

    All traffic to the WAN IP is port forwarded to our device
    We have been able to create firewall rules for email, ssh, web etc without any drama.

    The problem is now we need to set up 6 IPSec tunnels - which are all presenting the IP as its remote endpoint.

    Is there a way to setup the live IP on this pfSense setup to enable IPSec to connect?
    (I have previously usedd ProxyARP addresses on connections with multiple IP's) but I dont think this config suits.

    Hope I've explained my situation well enough.


  • Anyone at all have any suggestions?

    I need to

    1. Get the public IP from the cisco unit presented by the pfsense box for VPN connectivity
    2. Configure a way for the private IP to connect to the remote sites