IPSec tunnel to Different Address

jbenoza

I have a pfSense (Network A - 10.9.0.0/24) and a Cisco Router (Network B - 10.0.60.0/24).

I have the IPsec tunnel up and running and it works both ways.

I was just wondering how would I get it so that if I ping 10.9.60.1 from Network A (for example) it would "translate" to 10.0.60.1.

Main reason for this is I have another IPsec tunnel to setup, but the other Network I have to setup is also (10.0.60.0/24).

dotdash

If the second site is pfSense, you can do this in it's phase2 settings, otherwise you would need to binat on the Cisco.

jbenoza

@dotdash:

If the second site is pfSense, you can do this in it's phase2 settings, otherwise you would need to binat on the Cisco.

I was afraid of that, as the Cisco Router does not have that capability.

Any way to do it on the pfSense?

dotdash

You should be able to do this on a Cisco router, I've done it on ASAs.
Quick google turns up this, which may help:
http://www.cisco.com/c/en/us/support/docs/routers/3800-series-integrated-services-routers/107992-IOSRouter-overlapping.html