Routing between two remote IPsec tunnels



  • Hello,
    we are trying to fulfill a complex configuration request from our customer.

    • They have one PF-1120A in the headquarters (site B). This firewall is connected via IPsec site-to-site to a remote firewall, Cisco? (site C)
    • Site C is from a different customer; we cannot change the configuration or the firewall brand.
    • All traffic from site B (many IP clients) to site C (via IPsec) is NATed to a single IP address. (NAT many-to-one inside the IPsec tunnel)
    • They need to contact two RDP servers located in site C.
      Up to here everything works fine.
    • A few days ago the customer opened a new branch office (remote site A). At this site he has another firewall, brand Zyxel.
    • We successfully created another IPsec site-to-site tunnel between site A (Zyxel) and site B (pfSense).

    The customer asks if it is possible for all PC clients located in the remote branch office (site A - Zyxel) to contact the RDP servers in (site C - Cisco?), passing through (site B - pfSense) via IPsec tunnel.
    We are not sure if this configuration is possible... The RDP servers in site C respond only to one IP (NAT many-to-one).
    We found a doc but we are not sure this is our situation:
    https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_IPsec_tunnel

    Hope someone can give us some help.
    Thank you
    Luciano



  • By chance, is it possible to use an OpenVPN tunnel between site A and site B, and afterwards create a pfSense rule to send packets from site A to site C?
    Thank you

