We have a working IPSec VPN between two 4.8 endpoints. One of them is at
a remote location, and the other at the main office. The remote location
has its own external, routable IP (to establish the VPN), and an
internal subnet behind it. The main office has its own external IP,
through which it is NATing its own internal subnet.

Basically, I want to force all internet traffic from the remote,
internal subnet through the main office's internal gateway so it can NAT
out from there.

I've been attempting to accomplish this with "route-to" and "reply-to"
rules on the remote box, but have had no luck. I know IPSec keeps its
own routing table; is this interfering? Is this possible to do with PF?
--
Thanks,
Andrew Klettke
Systems Admin
Optic Fusion NOC
253-830-2943