pfSense to FreeBSD VPN/IPsec
-
So where are we now, does it work? :)
-
My problem seems to be that I can't reach 192.168.0.1 directly from the pfSense box. Pings from the box to that address drop. Because of that I can't create a proper route 192.168.1/24 via 192.168.0.1.
Maybe I should try to create another VPN that will connect 192.169.200.1 host to 192.168.0.1 host to force traffic?
-
You can't route through IPSEC. You need to either sum up all networks by creating a bigger subnet mask or you need parallel tunnels.
-
Can you please explain why it works from nanoBSD but not with pfSense? To create one more GRE tunnel to Client 2 will be very difficult as their sysadmin is not a nice person to deal with.
Currently my pfSense tunnel is 192.168.0.1/24 <-> 192.168.200.1/24. Where should I use a larger mask, on the 192.168.0.1 end?
And why can't I ping 192.168.0.1 from 192.168.200.1, but can ping it from 192.168.200.199?
Sorry I know I ask too much :)
-
Guess because it's a gif/ipsec tunnel?
You can run it with one tunnel like 192.168.200.0/24 <-> 192.168.0.0/16. Ask the admin of the other box to change his tunnel definition this way and change it at your end and you should be fine.
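Added example, not part of the thread: a small Python model of how IPsec policy selectors decide which packets enter the tunnel, using the subnets quoted above, to show why a /24 remote selector leaves 192.168.1.x outside the tunnel and a /16 covers it. The first-match table, the function names, and the 192.168.1.10 and 203.0.113.10 addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed policy tables modelled on the thread's addressing.
# Each entry: (label, local selector, remote selector) for outbound traffic.
NARROW = [("tunnel", "192.168.200.0/24", "192.168.0.0/24")]
WIDE = [("tunnel", "192.168.200.0/24", "192.168.0.0/16")]


def match_policy(policies, src, dst):
    """Return the label of the first policy whose selectors cover src and dst.

    None means no policy applies: the packet is not handed to IPsec and
    follows the ordinary routing table instead.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for label, local, remote in policies:
        if s in ipaddress.ip_network(local) and d in ipaddress.ip_network(remote):
            return label
    return None


def selector_overlap(policies):
    """List policies whose remote selector also contains the local subnet."""
    hits = []
    for label, local, remote in policies:
        if ipaddress.ip_network(local).subnet_of(ipaddress.ip_network(remote)):
            hits.append((label, local, remote))
    return hits


def report(policies, flows):
    """Map each (src, dst) flow to the policy it matches, or None."""
    return {flow: match_policy(policies, *flow) for flow in flows}


# Constructed flows: (source, destination).
FLOWS = [
    ("192.168.200.199", "192.168.0.1"),    # LAN host to the remote gateway
    ("192.168.200.199", "192.168.1.10"),   # LAN host to a hypothetical host behind it
    ("203.0.113.10", "192.168.0.1"),       # hypothetical source outside the local selector
    ("192.168.200.199", "192.168.200.1"),  # LAN host to the local gateway
]

if __name__ == "__main__":
    for name, table in (("narrow /24", NARROW), ("wide /16", WIDE)):
        print(name)
        for flow, result in report(table, FLOWS).items():
            print(f"  {flow[0]:>16} -> {flow[1]:<14} {result or 'no policy'}")
        for label, local, remote in selector_overlap(table):
            print(f"  note: {local} lies inside {remote} ({label})")
```

With the /16 remote selector the local 192.168.200.0/24 subnet falls inside it, so packets addressed to local 192.168.200.x addresses also match the tunnel policy in this model unless a more specific exception is configured.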
-
Thank you, after I edited spdadd as per your advice things start to look better now (have not edited gif on FreeBSD client 1 side however). I can reach Client 2 phone system. Some more work is needed…
-
Awesome. That's great to hear.
Now where can we see some of your work? :)
-
Photography you mean? Well I work for private clients, not something to show. If you have anything photography in mind let's take it to e-mails?
-
Sure. sullrich@gmail.com
-
Dear all,
I want to make a connection between pfSense and FreeBSD 6.2RC via IPsec.
But it doesn't work. Could anyone establish it successfully?