Site-to-site ipSec - route for pfsense server itself?

rickjm540

Quick question - I successfully have an ipSec site-to-site VPN setup and can connect between all devices between the two networks, EXCEPT from the pfsense firewalls themselves - is there a route I'm supposed to set so the firewalls will know how to connect to the remote ipSec network?

Thanks for any help :)

dave.opc

How do you want pfsense to connect to other devices? Ping?

jimp

You can add static routes to nudge the traffic as described at https://www.netgate.com/docs/pfsense/vpn/ipsec/accessing-firewall-services-over-ipsec-vpns.html

When pfSense 2.4.4 releases, it will have routed IPsec (VTI) and then if both sides support it (e.g. pfSense on both ends) then you won't need any hackish workarounds to get the traffic to flow, it will work as expected.

rickjm540

Thanks for the info!

I am wanting to setup remote logging to a device on the VPN network.
I'll check out the link :)