Multiple IPsec VPN's terminating at one location

pnutjam · Jul 25, 2006, 4:59 PM

I am trying to do something I though would be simple. I have configured 3 VPN's on my head unit and each other unit only has one of those VPN's configured on them. I had two working simultaniously, but all three do not work. Now I can't even get three to work.

When I have multiple VPN's configured on one box I assume I need to specify a different identifier for each one? Do I need to put identifiers and psk's in for each static connection? It doesn't seem to be necessary if you are using the IP of the box on each end. The only connection that seems to work consistantly is the one using the IP of the main box as it's identifier. If I set another connection to use the IP of the main box as it's identifier also, it seems to cause problems. Using Domain names does not seem to work.

All IP's are static I think my problem is really linked to Identifiers and PSK's. Could somebody please clarify what is needed?

hoba · Jul 25, 2006, 5:14 PM

In case you have static IPs everywhere use "my IP Adress" as identifier everywhere. The PSK can be different but doesn't need to be. I have more tunnels than you have running at a location, some even joining from dynamic IPs (howto do that see http://pfsense.com/mirror.php?section=tutorials/mobile_ipsec/ ) and some even from non pfSense systems.

pnutjam · Jul 25, 2006, 7:23 PM

If I do this I can have more then one tunnel on the head box using "my IP" as the identifier? Can I also have different PSK's on these?

Thanks for the prompt reply :)

hoba · Jul 25, 2006, 7:31 PM

Yep, you can.