List: openbsd-misc
Subject: How to UDP packets from DMZ LAN to IPsec tunnel
From: Martin <martingot () protonmail ! com>
Date: 2020-11-26 18:56:34
Message-ID: Wi9hn6z5Y8YtVnYQzXTbJDcpLspZ3LIztW_rqT0hKwGG_lPTQGmn7_matScUxmF7vpq_Aambr1w26TGC2oV5TEH8eSVqzlrdJtQYmgwyVVw= () protonmail ! com
Hello,
I'm looking for a way to have UDP packets transmitted over system wide IPsec tunnel from LAN 10.0.200.0/16 machine with IP 10.0.200.4 like below:
PC 10.0.200.4 UDP => NAT to IPsec IF => IPsec VPN tunnel => GW to Internet
Now I have only TCP working with relayd proxying when IPsec VPN tunnel is connected like shown below:
PC 10.0.200.4 TCP => relayd 10.0.200.1 => NAT to IPsec IF => IPsec VPN tunnel => GW to Internet
I don't know why, but direct TCP/UDP connections don't work at all from LAN machines through global NAT to IPsec IF. Even TCP works through relayd proxy.
The same global NAT rule to egress (without IPsec VPN tunnel) works as expected and all UDP/TCP traffic goes to Internet without any additional manipulations.
Please advise what can be wrong or misconfigured.
Martin