IPSec -> How to push multiple routes?

mxc

Hi there,

I have set up IPSEC and can connect from my Ubuntu laptops using the strongswan network-manager plugin. We have several networks on the pfsense box and would like to route to the lan and the dmz network. How can we enable automatic routing of dmz traffic on the client/? Lan is 192.168.40.0/24 DMZ 192.168.50.0. Should this just occurr naturally when the option "Provide a list of accessible networks to clients" is checked under "Mobile Clients"?

Should I make changes on the server or the client?

thanks

mxc

Ok figured it out -> I just needed to add another phase 2 setting for the DMZ on the IPSEC configuration page. Hope this helps someone else. Probably obvious to others.

awair

Is this Site-to-Site? or mobile client?

Also did you add any firewall rules?

Finally, is it necessary to stop/restart IPsec service?

Sounds like it could be similar to my situation, but I'm using Site-to-Site.

Many thanks

awair

To answer (some of) my own questions:

I chose a reboot https://forum.pfsense.org/index.php?topic=124304.0