Netgate Discussion Forum
    Multiple Static Routes over IPSEC

    Routing and Multi WAN
    • Daedalus0101101

      Hello all,

      I am trying to set up multiple static routes over IPSec. I was able to specify 1 subnet on the remote end, but I have 75 subnets that I would like to connect to. I have heard to use 0.0.0.0 as the remote subnet, but that would route my internet over the IPSec tunnel as well. My bandwidth at the local site is much faster than the remote site, so traffic to the internet would be preferred to go out locally. Is this even possible, or do I need to switch to something else? If it helps, I am using a Fortigate on the remote end.

      • jimp (Rebel Alliance Developer Netgate)

        IPsec does not route, so you can't use static routes. You need a separate Phase 2 entry for each distinct pairing of local and remote networks.

        The easiest way to reduce that is to summarize the remote networks. Are they all close by each other? Can you use a larger subnet mask to include all of them? Or at least reduce the number to something manageable?

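The summarization suggested in the reply above can be worked out mechanically. This is an added example, not part of the thread or of pfSense: it collapses a list of remote subnets into the fewest exact prefixes, then optionally widens them to fit a Phase 2 entry budget while reporting how many unintended addresses the wider selectors would cover and refusing any prefix that overlaps the local network. The subnets, the function names and the entry budget are constructed for illustration.

```python
import ipaddress

def exact_summary(subnets):
    """Lossless aggregation: only merges adjacent or contained prefixes."""
    return list(ipaddress.collapse_addresses(
        ipaddress.ip_network(s) for s in subnets))

def covering(a, b):
    """Smallest single prefix that contains both a and b."""
    sup = a
    while not b.subnet_of(sup):
        sup = sup.supernet()
    return sup

def loose_summary(subnets, max_entries, local_net):
    """Widen prefixes until at most max_entries remain.

    Returns (networks, extra): extra is the number of addresses the
    selectors cover beyond the requested subnets. A supernet that would
    overlap local_net is never chosen, so the result may stay above
    max_entries when no safe merge exists.
    """
    local = ipaddress.ip_network(local_net)
    nets = exact_summary(subnets)
    wanted = sum(n.num_addresses for n in nets)
    while len(nets) > max_entries:
        candidates = []
        for a, b in zip(nets, nets[1:]):          # nets are kept sorted
            sup = covering(a, b)
            if sup.overlaps(local):
                continue
            inside = sum(n.num_addresses for n in nets if n.subnet_of(sup))
            candidates.append((sup.num_addresses - inside, sup))
        if not candidates:
            break
        _, sup = min(candidates)                  # cheapest over-reach first
        nets = list(ipaddress.collapse_addresses(
            [n for n in nets if not n.subnet_of(sup)] + [sup]))
    return nets, sum(n.num_addresses for n in nets) - wanted

# Constructed sample: remote subnets behind the far-end firewall.
REMOTE = ["10.20.0.0/24", "10.20.1.0/24", "10.20.2.0/24", "10.20.3.0/24",
          "10.20.8.0/24", "10.20.9.0/24", "10.30.0.0/24"]

if __name__ == "__main__":
    print("exact:", [str(n) for n in exact_summary(REMOTE)])
    nets, extra = loose_summary(REMOTE, 2, "192.168.1.0/24")
    print("loose:", [str(n) for n in nets], "extra addresses:", extra)
```

Each resulting prefix corresponds to one Phase 2 remote network; the extra count shows how much address space beyond the intended subnets a wider selector would send into the tunnel.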
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.