Hi and thanks for your reply. It isn't a problem building the ipsec connection itself, but the destination end has a business requirement to not route other private adresses into their network, just public adresses. But as I understand this is not possible with pfsense? Here is some documentation about the subject with cisco: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml
2011/10/19 Klaus Wunder <[email protected]> > Hi, > > can you sent us the requirements. > Normely there is no problem building a IPSec connection between an IOS > device an pfSense. > > Kind Regards > > Am 19.10.2011 um 13:30 schrieb Ståle Johnsen <[email protected]>: > > Hi, > > We are running pfsense 2.0 on our site and we are trying to establish an > ipsec to a partner with cisco ios. The problem is that the cisco side have > some requirements: > - All traffic from our side has to come from an public ip. > > Meaning we have some servers on our local subnet that needs to send traffic > over the ipsec but the traffic has to come from an public ip instead of the > local lan ip of the server. Is that possible with pfsense 2.0? I have done > some tests with manual outbound nat rules with the following mapping: > Interface: WAN Source: Lan subnet Source port: * Destination: * > Destination: 500 NAT Address: virtual ip (public) NAT Port: * Static port: > YES > > But when I for example connect to rdp to a server over the ipsec, it's > traffic from the lan subnet ip from our site that is logged, not the virtual > public ip. I tried an outbound rule just from LAN to WAN and to use the > virtual ip as nat address and that worked as expected. > <http://whatismyip.com>whatismyip.com showed the virtual ip instead of the > real wan ip. > > So i'm just wondering if anyone here knows how to do this or if it even is > possible at all? > > Thanks in advance > > _______________________________________________ > > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > >
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
