Thanks for the reply.
My environment is in VMware. I started four virtual servers: two are pfSense and the other two are clients. The pfSense network is bridged and custom.
I found it has a tunnel device named enc0.
My config is as follows:
VPN: IPsec: Edit tunnel
Mode Tunnel tunnel
Interface WAN
DPD interval seconds
Local subnet Type: LAN subnet
Remote subnet 192.168.2.0/24
Remote gateway 10.48.255.252
Phase 1 proposal (Authentication)
Negotiation mode main
My identifier My IP address
Encryption algorithm AES-256
Must match the setting chosen on the remote side.
Hash algorithm SHA1
Must match the setting chosen on the remote side.
DH key group 2
1 = 768 bit, 2 = 1024 bit, 5 = 1536 bit
Must match the setting chosen on the remote side.
Lifetime 28800 seconds
Authentication method Pre-shared key
Must match the setting chosen on the remote side.
Pre-Shared Key xxxxxxx
Phase 2 proposal (SA/Key Exchange)
Protocol ESP
ESP is encryption, AH is authentication only
Encryption algorithms
AES-256
Hint: use 3DES for best compatibility or if you have a hardware crypto accelerator card. Blowfish is usually the fastest in software encryption.
Hash algorithms SHA1
PFS key group 2
1 = 768 bit, 2 = 1024 bit, 5 = 1536 bit
Lifetime seconds
Other server:
VPN: IPsec: Edit tunnel
Mode Tunnel tunnel
Interface WAN
DPD interval seconds
Local subnet Type: LAN subnet
Remote subnet 192.168.0.0/24
Remote gateway 10.48.255.251
Phase 1 and Phase 2 are the same as on the first host.