Multiple IPSEC tunnels
-
I've had an IPsec tunnel working fine for quite some time to a family member. It's a CGNAT connection, so my firewall is configured as a responder only.
WAN1
P2 10.5.1.0/24 >> 10.24.17.0/24
I've set up a connection today to OpenVPN Cloud using IPSEC. Why have I gone this route? I want something that I can use across firewalls should I move to another firewall, and IPSEC is the common "standard".
It's also for testing, as I may temporarily be moving to a 4G CGNAT connection based on how the Virgin Media renewal goes. This setup enables the firewall to establish a VPN connection to OpenVPN Cloud, and then I use my devices to connect via OpenVPN Cloud; I can then connect to my site. My normal setup is OpenVPN and WireGuard for laptop and iOS devices. OpenVPN Cloud also offers better features, as expected, compared to the lightweight option within pfSense.
OpenVPN IPSEC tunnel is set to initiate.
So both setups work fine if only one IPSEC tunnel is enabled.
I believe it's to do with overlapping P2 profiles, so I must have misconfigured something.
P2 for openVPN cloud connection is a
WAN2 - CGNAT
100.9.x.x >> 10.5.1.0/24
100.9.x.x >> 10.5.99.0/24
The OpenVPN CloudConnexa address space is a 100 based address.
I'm not interested in using Tailscale, although I have a connection configured, but disabled. I have multi WAN and I want to control what goes over said interfaces.
Is what I'm trying to achieve possible?
-
@mikey_s I'm not sure this is at all related but I remember reading something about having to enable Split connections in your Phase 1 settings...
-
@Gblenn I will have a look at that. I did a bit of reading around that last night, but didn't delve deep enough etc.
Thank you