IpSec VPN and CARP IP
-
Hi,
I'm trying to configure an IpSec tunnel between two PfSense firewall both version
1.0.1
built on Sun Oct 29 01:07:16 UTC 2006One one side PfSense WAN has a static ip address:
xx.xx.xx.210
and CARP IP til xx.xx.xx.222
When I try to create a tunnel, I can only select which interface to listen to (WAN, DMZ, LAN) but how can I specify which IP to use?
On the WAN static IP I forward IpSec port to a Win2003 server. So i need to specify one of the CARP IP as interface to listen to (the other side will use this ip as remote gateway)
Is this possible?
Thanks in advance,
Speck
-
Another problem I found…
on the other PfSense when i try to start IpSec I get an error in racoon.conf line 2
listen {
isakmp [500];}
i found this in the file.
This pfsense has a WAN with a static private IP 192.168.xx.xx and four VirtuaIp public configured.
i tried to modify the file this way:
listen {
isakmp xx.xx.xx.149 [500];}
but when i restart racoon it is overwritten with the old vesion.
Thanks,
Speck -
Hint: VPN>ipsec, failover ipsec tab
-
Can I use FailOver Ipsec even if the vpn won't actually be a failover connection?
I'll try this way, thanks
-
What about the error in racoon.conf line 2? any hint ???
thanks
-
Thats fixed in a recent snapshot.
-
latest snapshot is stable enough for production enviroinment?
The version I'm using now (1.0.1) is working great and very stable ;D
Thanks in advance,
Speck -
We consider the releng1 snapshots as pretty stable. Only usability updates and bugfixes go into this branch. It's not like we are reinventing a new system here. Thet's what the head code tree is for. However, backing up your config before you upgrade won't hurt.
-
Ok, thanks ;D