Netgate Discussion Forum

    Settings for node-to-node IPSEC tunnel needed

    • Ed Servello

      I need suggestions for setting up a node-to-node IPSEC tunnel on PFSense 2.1. I have built LAN-to-LAN VPNs but not VPNs that link two specific nodes. The remote firewall is a Cisco ASA5510 owned by another organization.

      My information about the remote network is limited to the IPSEC parameters, the public IP address of the ASA5510 and the remote VPN network address. I cannot determine how to set up IPSEC Phase 2 when the tunnel endpoint address is also the remote network address, or how to NAT my local VPN address to the workstation that's using the tunnel.

      I have attached a JPG file showing the proposed topology. Any suggestions are welcomed!

      Cheers,
      Ed
      ![VPN Topo.jpg](/public/imported_attachments/1/VPN Topo.jpg)

      • dotdash

        You just set the phase 2 to match the node IPs on either end. In 2.1 you can specify an address to NAT your internal node to, below where you enter the real IP.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.