Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ipsec phase 2 with public IP as local network (200$ bounty for solution)

    Scheduled Pinned Locked Moved
    General pfSense Questions
    2
    3
    82
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Drew4614
      last edited by Drew4614

      I have a VPN predefined by a manufacturer.
      In the second phase, one of the virtual IPs must be used as the local network and all traffic must be sent to an external address subnet, which is also a remote network in the second phase.
      All LAN traffic must be masked with the local virtual IP outgoing via Nat

      Example:

      WAN is a /29 subnet
      ip 18x.x.x.10/29
      Virtual ip 18x.x.x.11/32

      ipsec Tunnel:
      local network 18.x.x.11/32
      remote network: 20x.x.x/23

      Tunnel goes up ... Ping test from 18x.x.x.11/32 to 20x.x.y/23 works!
      but lan-subnet traffic goes never via ipsectunnel to 20x.x.x/23

      any help is welcome

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Drew4614
        last edited by

        @Drew4614
        In your phase 2 you have to state:
        local network: LAN network
        BINAT: address > 18.x.x.11
        remote network: 20x.x.x/23

        1 Reply Last reply Reply Quote 1
        • D
          Drew4614
          last edited by

          Thanks solved.. but i solved the problem myself .. but you are the winner.. do you have an btc or monero wallet

          1 Reply Last reply Reply Quote 0
          • First post
            Last post