IpSec Routing Problem
-
Hello first of all thanks for your help from now.
We now turn to what happens.
my configurationPeer SiteA: 200.13.42.64
Phase-1: 3DES, SHA1, Group2, Time 28800; Preshared-Key 12345
Phase-2: 3DES, SHA1, Time 3600; PFS-ON; ENCRYPTION DOMAIN: 192.168.1.46SITEB Peer: 204.12.53.12
Phase-1: 3DES, SHA1, Group2, Time 28800; Preshared-Key 12345
Phase-2: 3DES, SHA1, Time 3600; PFS-ON; ENCRYPTION DOMAIN: 192.168.1.31and what I need is to link the computer via IpSec ip 192.168.1.46 that is in the Site A computer with ip 192.168.1.31 that is in the Site B
ip sec connects but I can not ping from either side
As should be the settings to do this I need as I am desperate and I can not make it work
Thanks … ???
-
That's impossible. Can't have the same subnet on two different networks and connect them. Both ends see that network strictly as local.
-
I heard it could in two ways:
- Make NAT
- Using a router before Ipsec
but I looked like and I can not
help me please!!! -
you can't easily to NAT in that scenario. You would have to add another system to do NAT and leave the IPsec where it is now.
Putting a router in has no impact on anything in and of itself. The only way it would is if you put everything on a different IP subnet behind a router, and if you're going to change the IP subnet (which is by far the best option), just do it on the existing LAN
-
You should be able to sort something out by hacking around with proxyarp, shouldn't you? I've used IPSEC as a bridge between two sites with a shared subnet before - though I hacked it together manually with freebsd machines, not with pfSense..
-
Call me silly but I do not understand could anyone be more precise