"All" VLAN traffic over IPSec site to site
-
Thank you in advance for support/advice
I have 2 locations, Primary and Remote
Goal: Have a WIFI SSID that is connected to a VLAN at the remote site. So when a user connects to that WIFI, all the traffic is routed over IPSec VPN to the Primary location and out over its WAN connection
Already Done: Basic config of pfSense at Primary and Remote
VLANS Done (pfSense, UniFi)
WIFI Done (UniFi)
IPSec connection between Primary and Remote Done
So while I can connect to the VLAN/WIFI on the remote site and ping from Remote to Primary and access resources at the primary from the remote over the WLAN/VLAN, the default gateway for internet activities is still the local gateway at the Remote site. How can I force "all" traffic on that VLAN over the remote gateway? In other words, if I pull a website or open an app, it should go thru the remote gateway at the primary site.
Thank you
-
This is exactly what I'm trying to achieve in my setup.
As far as I understand, you will need to set up Routed (VTI) IPSec VPN in order to be able to set this up. There is no way to set up IPsec Phase 2 so that the remote network includes all except local addresses (which you will still want to be routed locally and not through VPN).
Once you have the Routed IPSec connection working you will be able to assign it to a dedicated interface and then use the associated gateway for policy based routing.
-
You are right about the VTI, I even hired a company (one of the big YouTube channels) to help and they couldn't get it to work right. There might be an issue with IPsec or so they said.
They ended up setting up OpenVPN for me in the end and it's working.
Just wonder if I will get better performance over IPSec or Wireguard.
-
I have found a solution to make this work for me. I've posted the solution to my particular issue in the other thread. You can check it out to see if it works for you. That is if you're still interested to see how much performance improvement you can get with IPSec vs. OpenVPN.
-
@milenkoc Thank you very much