Messages - viquezjose

#1
The achievement is to try to communicate a VPN client to an onprem server; the client connects using a VPN client to the OPNsense and the OPNsense establishes a site-to-site VPN to onprem, where the server lives. When I say I'm able to see packets, I refer to bytes in (no bytes out) on the VPN client and bytes out (no bytes in) on the site-to-site; this makes me believe it is a NAT or FW rule missing in the OPNsense.

If we stand up a server in a LAN segment connected to the OPNsense, we are able to communicate the VPN client to/from the server in the LAN (this is using the VPN client) and also the onprem server to/from the LAN (using the site-to-site).

In Cisco there is a feature called inter and intra security zone that allows the hairpinning between the VPN client and the S2S, but I'm not sure if something similar needs to be done on the OPNsense.
#2
Hello,

I'm a little bit new with OPNSENSE. I'm trying to set up hairpinning between a VPN client and an endpoint in Site A.

The topology is

VPN client ---> C2S ----> OPNSENSE ---> Site to site --- 3rd Party Device --- ONPREM

I was able to bring up the VPNs, but it looks like some NAT configuration is missing, because I can see packets in on the CLIENT VPN but nothing out over the S2S; if I try to generate from ONPREM I see packets out but not in.

Any help will be really appreciated.