Netgate Discussion Forum

    2 sites, 2 ipsec, 2 wan each side. Only 1 tunnel can route???????? Please Help

      cr_hyland

      I have 2 sites, each with pfSense 2.0 beta (I tried 1.2.3 on each but same result).
      Each site has 2 WAN, 1 PPPoE DSL and 1 static SDSL. The PPPoE at each site is DSL 24mx1m and the static at each site is SDSL 4mx4m.
      The reason for the multi-WAN at each site is so that we can have IPsec VPN SDSL to SDSL for server traffic, Exchange, file transfers etc.
      and the DSL at each site so we can have IPsec for Trixbox IP phones and VoIP between extensions in both sites etc.

      Originally I tried it with just SDSL to SDSL but the traffic shaper couldn't shape VoIP traffic between the IPsec tunnel and VoIP conversations were extremely choppy to the point where it was unusable. This was due to the high volume of general network and file traffic between the sites. I then decided to get a DSL connection at each site and set up an IPsec tunnel for Trixbox and VoIP between the sites only. No other traffic flows over the DSL connections.

      Problem is that I can get both tunnels to come up but only one tunnel, the SDSL, will transport traffic.

      Config is like this.
      Site1
      pfSense 2.0 Beta1, 4 interfaces
      1. SDSL, Static, 4mx4m, ipsec tunnel A (for file vpn)
      2. DSL, pppoe (with static ip) 24mx1m, ipsec tunnel B (for voip vpn)
      3. Lan, 192.168.1.x  (plan to use ipsec A to Site 2)
      4. IP Phones, 192.168.0.x (plan to use ipsec B to Site 2)

      Site 2
      pfSense 2.0 Beta1, 3 interfaces
      1. SDSL, Static, 4mx4m, ipsec tunnel A (for file vpn)
      2. DSL, pppoe (with static ip) 24mx1m, ipsec tunnel B (for voip vpn)
      3. Lan, 10.10.1.x  (plan to use ipsec A to Site 1)
      IP Phones, 192.168.0.x (plan to use ipsec B to Site 1)

      Both tunnels are up but only the IPsec VPN A will route traffic.
      From Site 1 from the LAN if I ping 10.10.1.1 (Server at site 2) I get a reply.
      From Site 1 from the IP Phones network if I ping 10.10.1.250 (Trixbox at site 2) I get no reply.

      From Site 2 if I ping 192.168.1.1 (Server on LAN at Site 1) I get a reply.
      From Site 2 if I ping 192.168.0.1 (Trixbox on IP Phones network at Site 1) I get no reply.
      As you can see Ipsec tunnel A routes traffic OK but Ipsec B does not.

      Has anybody any idea what is the problem here? Do I need static routes here or something else?

      I can provide more info as requested.

      Cheers.

        cr_hyland

        OK, never mind. I did a new install with 2.0 beta from 19 Jan 2010. Everything worked as I expected straight away. No issues routing to either subnet.
