Re: [pfSense] Problems with VPN
I cant doo that, because i need different nat pr. customer that need to use the tunnel. Med venlig hilsen Thomas Kristensen Storhaven 12 - 7100 Vejle Tlf: 75 72 54 99 - Fax: 75 72 65 33 E-mail: t...@multimed.dk -Oprindelig meddelelse- Fra: List [mailto:list-boun...@lists.pfsense.org] På vegne af d...@nvus.co.uk Sendt: 19. marts 2018 15:27 Til: 'pfSense Support and Discussion Mailing List' <list@lists.pfsense.org> Emne: Re: [pfSense] Problems with VPN Could be wrong but I think you need to define the NAT as part of the phase-2 tunnel... Dan -Original Message- From: List <list-boun...@lists.pfsense.org> On Behalf Of Thomas Kristensen Sent: 19 March 2018 13:44 To: list@lists.pfsense.org Subject: [pfSense] Problems with VPN Hey I got this problem with my pfsense firewall and iam stuck, hoping anyone can help or got any tips. Here the information on the system. WAN: 87.54.27.48/26 LAN: 192.168.16.218/24 Default gateway: 87.54.27.1 I got this VPN: Remote peer: 176.22.67.241 Remote network: 195.80.240.0/20 Local network: 195.80.247.112/29 I got this Outbound nat rule: Interface IPsec Source: 192.168.16.0/24 Dest: 195.80.240.0/20 NAT Address: 195.80.247.114/32 The problem is that traffic is leaving the WAN interface, instead of being routed over the IPSec interface and then SNAT'et to 195.80.247.114 for the tunnel to allow traffic. Firewall rules on Lan: I have allow all from LAN. I am totally stuck and hoping anyone can help me. Med venlig hilsen Thomas Kristensen Storhaven 12 - 7100 Vejle Tlf: 75 72 54 99 - Fax: 75 72 65 33 E-mail: t...@multimed.dk ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold --- This email has been checked for viruses by AVG. http://www.avg.com ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Problems with VPN
Could be wrong but I think you need to define the NAT as part of the phase-2 tunnel... Dan -Original Message- From: List <list-boun...@lists.pfsense.org> On Behalf Of Thomas Kristensen Sent: 19 March 2018 13:44 To: list@lists.pfsense.org Subject: [pfSense] Problems with VPN Hey I got this problem with my pfsense firewall and iam stuck, hoping anyone can help or got any tips. Here the information on the system. WAN: 87.54.27.48/26 LAN: 192.168.16.218/24 Default gateway: 87.54.27.1 I got this VPN: Remote peer: 176.22.67.241 Remote network: 195.80.240.0/20 Local network: 195.80.247.112/29 I got this Outbound nat rule: Interface IPsec Source: 192.168.16.0/24 Dest: 195.80.240.0/20 NAT Address: 195.80.247.114/32 The problem is that traffic is leaving the WAN interface, instead of being routed over the IPSec interface and then SNAT'et to 195.80.247.114 for the tunnel to allow traffic. Firewall rules on Lan: I have allow all from LAN. I am totally stuck and hoping anyone can help me. Med venlig hilsen Thomas Kristensen Storhaven 12 - 7100 Vejle Tlf: 75 72 54 99 - Fax: 75 72 65 33 E-mail: t...@multimed.dk ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold --- This email has been checked for viruses by AVG. http://www.avg.com ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Problems with VPN
Hey I got this problem with my pfsense firewall and iam stuck, hoping anyone can help or got any tips. Here the information on the system. WAN: 87.54.27.48/26 LAN: 192.168.16.218/24 Default gateway: 87.54.27.1 I got this VPN: Remote peer: 176.22.67.241 Remote network: 195.80.240.0/20 Local network: 195.80.247.112/29 I got this Outbound nat rule: Interface IPsec Source: 192.168.16.0/24 Dest: 195.80.240.0/20 NAT Address: 195.80.247.114/32 The problem is that traffic is leaving the WAN interface, instead of being routed over the IPSec interface and then SNAT'et to 195.80.247.114 for the tunnel to allow traffic. Firewall rules on Lan: I have allow all from LAN. I am totally stuck and hoping anyone can help me. Med venlig hilsen Thomas Kristensen Storhaven 12 - 7100 Vejle Tlf: 75 72 54 99 - Fax: 75 72 65 33 E-mail: t...@multimed.dk ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
