As the title says, I cannot establish a connection for two-way comms like SSH on a Phase 2 VIP attached to the LAN IP using NAT 1:1.
Phase 1 and Phase 2 are UP. Phase 2 Remote IP is 192.168.1.248 and Local IP is 172.16.250.10 (VIP).
I created a NAT 1:1 both on LAN interface and IPSec interface which says: External IP 172.16.250.10 (VIP...) Internal IP 192.192.168.1.253 (Actual pfSense IP)
To test this out I am trying only SSH at the moment. I created two rules on the Firewall, one for ICMP and one for SSH.
ICMP works fine - Not sure why. Here are the rules and the Packet Captures of the ICMP and the SSH, respectively:
Rules:
Packet Capture of the ICMP - Blurred some info because I am not sure what it is for...:
And here is a Packet Capture of an SSH attempt - Which is unsuccessful, with both a telnet test and the SSH test itself in the log:
As you can see, pfSense did not respond like it did with the ICMP. This also happens even if I allow all rules on IPSEC and LAN, and also happens with other services like Zabbix ports. For clarification: Yes, SSH is enabled.
I want to also inform beforehand that I created a static route for IN → OUT (Which works fine.)
I went here because I am really out of ideas and need some help. Can someone give me some light on this?
Thank you.