NAT to NAT with RRAS - routing between 2 NATted subnets?

    Question

  • I can't post pictures or links of my diagram (because I'm not verified apparently) so I uploaded it to imgur: imgur.com/sCOVNxU

    PfSense:
    WAN IP: Internet
    LAN IP: 10.0.10.1
    LAN Subnet and DHCP at: 10.0.10.0/24

    Windows RRAS Router:
    WAN IP: 10.0.10.2
    LAN IP: 24.0.0.1
    LAN Subnet and DHCP at: 24.0.0.0/24
    NAT on WAN to allow internet to LAN clients.

    I'm aware using 24.x.x.x is suboptimal and I will change that.

    I'm trying to figure out how to configure RRAS in order to allow my PfSense router to access a downstream routed network.

    The Windows RRAS router is connected to a port on the PfSense router. I can ping the Windows RRAS router on the WAN IP from the PfSense router (from 10.0.10.1 to 10.0.10.2).

    I can also ping between clients 24.0.0.2 and 24.0.0.3. I can ping from clients 24.0.0.x to PfSense Router 10.0.10.1.

    I set up a static route in PfSense router on its LAN interface to route 24.0.0.0/24 traffic through 10.0.10.2 (as a gateway).

    When attempting to ping from 10.0.10.1 to any 24.0.0.x (including the Windows RRAS LAN IP), Wireshark on 10.0.10.2 shows that ICMP packets are inbound on the WAN interface; however, it shows (no response found!) at the end, and RRAS shows an increase in the count of Inbound Packets Rejected. No ping response is shown on 10.0.10.1.

    Any help would be greatly appreciated! I'm assuming the problem lies in RRAS configuration because the packets reach RRAS but are not routed properly - they are rejected.

    Firewalls are off everywhere.

    Thank you very much for your help.
    Friday, May 4, 2018 12:49 AM

All replies