The <nat-device> has to support ipsec pass through and shoule be able to forward IPSEC-Traffic to the pfsense behind it. the pfsense behind the NAT has to use the public IP-Adress of the <nat-device> as identifier as the connection appears to originate from that ip at the other end. All other settings should be the same like for a non natted site to site ipsec. If the connection fails check your systemlogs if traffic is passing the device correctly or if something is dropped somewhere.
Good luck, Holger > -----Ursprüngliche Nachricht----- > Von: Anders D. Hansen [mailto:[EMAIL PROTECTED] > Gesendet: Dienstag, 24. Januar 2006 12:32 > An: support@pfsense.com > Betreff: [pfSense Support] site-to-site vpn nat traversal > > > Hi list, > > This is probably a dumb question but I'm a little confused > about this > whole Nat traversal problem so here goes.... > > My setup is like this: One pfsense on a public IP address and one > behind a NAT device which only has one public IP address. > > pfsense <--------- Internet ---------->< Nat device>-pfsense > > Is it possible to create an IPSEC vpn tunnel between the two pfsense > firewalls? If so what do I specifically need to configure? > > Thank you very much. > > Kind Regards, > Anders > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > ____________ Virus checked by G DATA AntiVirusKit --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]