The lightest-weight option would be gif(4) tunnels. These are fully supported in pfSense, but very poorly documented. Second-lightest would be gre(4) tunnels… with the identical caveats. The FreeBSD manpages are your best guide for setting up either one. It’s also possible to configure OpenVPN with a null cipher, although I don’t recall if the pfSense UI permits that.
-Adam From: Adam Stasiak [mailto:[email protected]] Sent: Tuesday, June 05, 2012 7:21 PM To: [email protected]; pfSense support and discussion Subject: Re: [pfSense] Redirecting connections to a second site with NAT It certainly doesn't appear that pfSense will rewrite the source address itself. And if it did, I'd imagine that to the webserver, everything would appear to be coming from that one address. Would it be feasible for me to set up a site-to-site VPN, and NAT the traffic onto that, rather than over the open internet? I don't think I would really need the encryption, just the encapsulation. Is there a lighter weight way of encapsulating the packets than using IPSEC or OpenVPN? Would that idea even be likely to work?
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
