4. 1:1 NAT within Hub and Spoke IPsec VPN setup

1:1 NAT within Hub and Spoke IPsec VPN setup

  • C

    Hi,
    following situation:
    Main Location (10.1.0.0/24) has two IPsec VPN connections.
    First IPsec VPN is to a sub location (10.1.2.0/24).
    Both endpoints are pfSense (Cluster) owned and managed by us.
    Second IPsec VPN (10.100.13.0/24) is to a data centre, firewall is not owned by us, every change is complicated an very expensive.
    Now i need to get access through VPN from sub location (10.1.2.0/24) to some servers in the data centre (10.100.13.0/24).

    for testing i have done as far:
    1. created an  IP alias (10.1.0.200) on firewall at main location
    2. created a 1:1 NAT
                <onetoone><external>10.1.0.200</external>

    <interface>lan</interface>
    <source>

    <address>10.100.13.182</address>

    <destination><any></any></destination></onetoone>
    [tested all NAT reflection types]
    3. set proper rules (I hope so) with logging.

    reaching the host in the data centre (10.100.13.182) by IP 10.1.0.200 from the 10.1.0.0 net is no problem, but i don't get a connection from the 10.1.2.0 network.

    any hints or help how to resolve this issue ?

    regards
    Christoph

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy