Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    1:1 NAT within Hub and Spoke IPsec VPN setup

    IPsec
    1
    1
    520
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chanle last edited by

      Hi,
      following situation:
      Main Location (10.1.0.0/24) has two IPsec VPN connections.
      First IPsec VPN is to a sub location (10.1.2.0/24).
      Both endpoints are pfSense (Cluster) owned and managed by us.
      Second IPsec VPN (10.100.13.0/24) is to a data centre, firewall is not owned by us, every change is complicated an very expensive.
      Now i need to get access through VPN from sub location (10.1.2.0/24) to some servers in the data centre (10.100.13.0/24).

      for testing i have done as far:
      1. created an  IP alias (10.1.0.200) on firewall at main location
      2. created a 1:1 NAT
                  <onetoone><external>10.1.0.200</external>

      <interface>lan</interface>
      <source>

      <address>10.100.13.182</address>

      <destination><any></any></destination></onetoone>
      [tested all NAT reflection types]
      3. set proper rules (I hope so) with logging.

      reaching the host in the data centre (10.100.13.182) by IP 10.1.0.200 from the 10.1.0.0 net is no problem, but i don't get a connection from the 10.1.2.0 network.

      any hints or help how to resolve this issue ?

      regards
      Christoph

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy