
I have got a working IPSec connection between a device (Raspberry) on the remote side (10.X.117.0/24 network) and the local network (10.Y.0.0/16 network).

The Raspberry has a static IP, 10.X.117.1, on its eth0 LAN interface and 192.168.8.120 on its eth1 interface via DHCP via an LTE token, which is used for the IPSec connection.

From the local network I can access the Raspberry via 10.X.117.1.

But in addition I want to access:

  1. all devices (with static IPs) in the remote 10.X.117.0/24 network which are connected to eth0, from the local network, such as via 10.X.117.60.
  2. the local network from the devices in the remote network.

Firewall settings on the local network (pfSense) are fine, because with Edge-router devices both accesses are working.

On the Raspberry, `sysctl net.ipv4.ip_forward` gives `net.ipv4.ip_forward = 1`, and /etc/nftables.conf is:

```
#!/usr/sbin/nft -f

flush ruleset

table inet filter {
        chain input {
                type filter hook input priority filter;
        }
        chain forward {
                type filter hook forward priority filter;
        }
        chain output {
                type filter hook output priority filter;
        }
}
```

(Allow everything for the beginning / default config.) On 10.X.117.60 there are the same settings in nftables.conf.

nmap reports filtered for all the accesses according to 1. and 2.

What else do I need to set?
