I get you now. You want to ipsec the local wan VIP to the remote site.
I don't know but I don't think this would be possible. You could ipsec 192.168.6.190 to the remote sites. Are the remote computers natted behind a firewall as well If they are you remotes are the publics and then your local subnets are the bits within the lan Interesting configuration. We have 1:1 nat from remote location public back to local network ip's so a little different from you. > -----Original Message----- > From: Jan Ślusarczyk [mailto:[EMAIL PROTECTED] > Sent: 25 October 2005 11:06 > To: [email protected] > Subject: Re: [pfSense-discussion] IPSEC tunnel, external address > > > It definitely works we use it > Send your xml for ipsec and I could helpu a little hard for me to > understand the cisco config. > > > > > I've attached my IPSec and Nat settings. > > > > Maybe you could provide a detailed explaination of what exactly you > are trying to do > > > > > The real goal of this setup is to connect inside computer with private > address 192.168.6.190 (nated 1:1 to 212.75.96.190) to remote servers > 212.2.96.67 and 212.2.96.80. This is only possible through IPSec tunnel > with remote gateway 212.2.102.235. My pfSense is configured with > 212.75.96.186 address and has 212.75.96.190 defined as a Virtual IP and > nated 1:1 to 192.168.6.190. My setup tries to make this connection. The > tunnel itself seems to work OK. But my computer cannot connect to the > remote addresses... > > > Regards > Jan
