Ipsec to network with multiple gateways
-
Hi,
My network looks something like this:
10.0.0.10 - 10.0.0.100 ----> 10.0.0.1 (pfsense with ipsec) ----> internet
10.0.0.101 - 10.0.0.120 ----> 10.0.0.2 (pfsense without ipsec) ------> internet
10.0.0.121 - 10.0.0.199 -----> 10.0.0.3 (pfsense without ipsec) ------> internet
Now my remote side connects to 10.0.0.1 via IPsec with phase 1 and 2 identical on both sides.
The remote side can access / connect / ping any of the machines in range 10.0.0.10 - 10.0.0.100 and vice versa, but not the other machines.
jimp: you suggested adding additional phase 2 entries. I tried, but I'm not sure I'm doing it correctly... do I add the other phase 2 entries to point to a single address?
Any other help will also be appreciated.
Thanks
-
Hi, I think I found my answer by playing around a bit.
My remote network is 10.1.105.0/24. I then added a route on 10.0.0.2 --> route add -net 10.1.105.0 10.0.0.1 255.255.255.0
Then I could access the machines running through gateway 10.0.0.2.
I hope this might help someone else.
Thanks,
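The return-path problem in this thread, modelled as an added example (not part of the original posts and not pfSense code): it follows a reply from each host range towards the remote network and reports which ranges never reach the IPsec gateway, before and after the static route from the reply. Assumptions: the phase 2 entry already covers the whole LAN, each host sends replies to its default gateway, and the remote host 10.1.105.7 is a constructed sample address.

```python
import ipaddress

# Addresses are the ones given in the thread; the routing model is a simplification.
REMOTE_NET = ipaddress.ip_network("10.1.105.0/24")  # remote side of the tunnel
IPSEC_GW = "10.0.0.1"                               # pfSense that terminates IPsec
HOST_RANGES = [                                     # (first host, last host, default gateway)
    ("10.0.0.10", "10.0.0.100", "10.0.0.1"),
    ("10.0.0.101", "10.0.0.120", "10.0.0.2"),
    ("10.0.0.121", "10.0.0.199", "10.0.0.3"),
]

def default_gw(host):
    """Default gateway of a LAN host, taken from the ranges in the first post."""
    ip = ipaddress.ip_address(host)
    for first, last, gw in HOST_RANGES:
        if ipaddress.ip_address(first) <= ip <= ipaddress.ip_address(last):
            return gw
    raise ValueError(f"{host} is not in a known host range")

def next_hop(routes, dst):
    """Longest-prefix match over a gateway's static routes; 'WAN' if none match."""
    matches = [(net, hop) for net, hop in routes if ipaddress.ip_address(dst) in net]
    if not matches:
        return "WAN"  # falls through to the gateway's own internet uplink
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_reaches_tunnel(host, remote_ip, static_routes):
    """Follow a reply from host towards remote_ip; True if it arrives at IPSEC_GW."""
    hop, seen = default_gw(host), set()
    while hop != IPSEC_GW:
        if hop == "WAN" or hop in seen:  # left via the wrong uplink, or a routing loop
            return False
        seen.add(hop)
        hop = next_hop(static_routes.get(hop, []), remote_ip)
    return True

def unreachable_ranges(static_routes, remote_ip="10.1.105.7"):  # constructed remote host
    """Host ranges whose replies to the remote network never reach the tunnel."""
    return [(first, last) for first, last, _ in HOST_RANGES
            if not reply_reaches_tunnel(first, remote_ip, static_routes)]

BEFORE = {}                                     # no static routes on any gateway
AFTER = {"10.0.0.2": [(REMOTE_NET, IPSEC_GW)]}  # the route added in the reply above

if __name__ == "__main__":
    print("before:", unreachable_ranges(BEFORE))
    print("after: ", unreachable_ranges(AFTER))
```

In this model the 10.0.0.121 - 10.0.0.199 range stays listed after the change, because 10.0.0.3 has no route to 10.1.105.0/24.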