Routing specific ports through router at other end of ipsec tunnel



  • Hello,

    I want to route all UDP 27000 to 27020 inclusive and TCP 27020 to 27050 inclusive (Steam traffic) from my home through my office router (other end of IPsec tunnel).

    What is the simplest way to send this traffic from my PC (192.168.3.81/24) <--> 192.168.3.1 (pfSense home router) <--> IPsec tunnel <--> 172.16.0.1/16 (office pfSense router) <--> WAN interface (62.x.x.x) <--> Steam? I was thinking static routes, but this is IP address specific, not port specific. The tunnel works fine right now for the private 172.16.0.0/16 and 192.168.3.0/24 traffic.

    Thanks,
    Andrew



  • You could do this with policy routing.
    --> Setting the gateway in the firewall rule to the other side of the IPsec tunnel.

    But you cannot set the other end of the IPsec tunnel as gateway in the GUI.
    I don't think you can do that without unsupported manual hacking.



  • It sounds easier just to create a PPTP tunnel using the Windows client.



  • Do you have a static route set up for the VPN subnet, as described here?
    http://doc.m0n0.ch/handbook/faq-snmpovervpn.html

    With that, it might "just work". Without it, that forwarded traffic likely isn't going over the VPN.



  • Except I want to do it by port, not destination IP.

