Topic: IPsec access from internet
« on: December 19, 2011, 06:35:21 »
melbmoon *
Posts: 5

Hi,

I have an IPsec VPN set up and running properly.
I can ping and RDP between computers in each site.
My question is: how can the server behind Site A be accessed by using the WAN IP address of Site B?

Any help would be highly appreciated.

My scenario is attached below.

[Attachment: mono.jpg]
« Reply #1 on: December 19, 2011, 14:33:21 »
Fred Grayson *****
Posts: 994

Have you tried adding a NAT and firewall rule from the WAN IP of site B to 192.168.1.2?

I doubt it would work, but worth a try.

--
Google is your friend and Bob's your uncle.
« Reply #2 on: December 20, 2011, 01:56:37 »
melbmoon *
Posts: 5

Hi Fred,

I have tried adding the following firewall rules and NAT, but it does not work. I might have set something wrong?
Is there something I have to do with the NAT Outbound?
192.168.10.111 is the web server instead of 192.168.1.2 in the diagram above.

[Attachments: Firewall IPSec.JPG, Firewall Lan.JPG, Firewall WAN.JPG, NAT inbound.JPG]
« Reply #3 on: December 20, 2011, 02:05:48 »
Fred Grayson *****
Posts: 994

I didn't think it would work, but was worth a try. I don't have any other suggestions for you, sorry.

There are some very knowledgeable people here; if it can be done and they see this thread, you'll get an answer.

--
Google is your friend and Bob's your uncle.
« Reply #4 on: December 20, 2011, 02:17:32 »
melbmoon *
Posts: 5

Is this my answer in the handbook?

15.29. Can I forward broadcasts over VPN for gaming or other purposes?
Not yet. OpenVPN will make this possible in the future.

:(
« Reply #5 on: December 20, 2011, 02:22:57 »
Fred Grayson *****
Posts: 994

I don't think so. That refers to having things like Windows file sharing having visible workgroup computers. That requires broadcasts to work.

--
Google is your friend and Bob's your uncle.
« Reply #6 on: December 20, 2011, 02:34:50 »
melbmoon *
Posts: 5

Thanks Fred,

I have set up the static routes as in the screenshot and have the firewall log as below, while I have already added this rule in the LAN:

Proto TCP Source * Port * Destination 192.168.10.111 Port 80 (HTTP) Description

Did I miss something?

[Attachments: Static Routes.JPG, Firewall Logs.JPG]
« Reply #7 on: January 13, 2012, 00:50:26 »
brushedmoss ****
Posts: 446

I don't think this is achievable; IPsec tunnels are based on rules of traffic coming in from a LAN interface and trying to reach the opposite LAN.

In your scenario, even with NAT, your packet doesn't leave the LAN to re-enter it (and then enter the VPN). You would need a reverse proxy on the LAN, I think.
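
The selector matching described in the last reply, as an added example that is not part of the thread or any poster's configuration: a simplified model of policy-based IPsec, where a packet enters the tunnel only if its source is in the local LAN and its destination is in the remote LAN. Only 192.168.10.111 comes from the thread; the /24 masks, the Site B LAN range, the WAN address, the internet client and the proxy address are constructed for illustration.

```python
import ipaddress

# Assumed addressing: only 192.168.10.111 is from the thread, the rest is constructed.
SITE_A_LAN = ipaddress.ip_network("192.168.10.0/24")
SITE_B_LAN = ipaddress.ip_network("192.168.20.0/24")
SITE_B_WAN = ipaddress.ip_address("198.51.100.2")
WEB_SERVER = ipaddress.ip_address("192.168.10.111")
INTERNET_CLIENT = ipaddress.ip_address("203.0.113.50")
PROXY_ON_B_LAN = ipaddress.ip_address("192.168.20.10")

# Each firewall's tunnel policy as (local network, remote network).
SPD = {"B": (SITE_B_LAN, SITE_A_LAN), "A": (SITE_A_LAN, SITE_B_LAN)}


def enters_tunnel(site, src, dst):
    """True if a packet leaving `site` matches that site's tunnel selector."""
    local, remote = SPD[site]
    return src in local and dst in remote


def dnat(dst, nat_rules):
    """Inbound NAT rewrites the destination only; the source stays as it was."""
    return nat_rules.get(dst, dst)


def forward_via_nat():
    """Internet client -> Site B WAN IP, port-forwarded straight to the Site A server."""
    src, dst = INTERNET_CLIENT, dnat(SITE_B_WAN, {SITE_B_WAN: WEB_SERVER})
    request = enters_tunnel("B", src, dst)  # source is still a public address
    reply = enters_tunnel("A", dst, src)    # server answers the public client address
    return request, reply


def forward_via_proxy():
    """Internet client -> Site B WAN IP -> proxy on Site B LAN -> Site A server."""
    proxy = dnat(SITE_B_WAN, {SITE_B_WAN: PROXY_ON_B_LAN})  # first hop stays in Site B
    # The proxy opens its own connection, so the source is now a Site B LAN address.
    request = enters_tunnel("B", proxy, WEB_SERVER)
    reply = enters_tunnel("A", WEB_SERVER, proxy)
    return request, reply


if __name__ == "__main__":
    print("NAT only   (request, reply in tunnel):", forward_via_nat())
    print("With proxy (request, reply in tunnel):", forward_via_proxy())
```

With the proxy, the Site A server sees the proxy's address as the client, so access control and logging for internet visitors have to happen on the proxy.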