Access from IPSec site to other IPSec site
-
Our main office (Germany) network is managed by pfSense. We connect 1 office in Greece which is managed by an Edgerouter X via IPSec with our office in Germany. We also have some customer networks connected to our office in Germany via IPSec.
Currently it's possible to access all customer sites from our German office. Devices in the Greece office can also access servers and devices in our German office through the IPSec connection. We blocked access from customer sites into our office networks.
We want employees in our office in Greece to be able to access the IPSec sites of our customers, but I can't get this working.
Green arrows mean that access is possible in the direction of the arrow (operational)
Red arrows mean that access is blocked in the direction of the arrow (operational)
Orange arrows describe our goal, which is what this question is about (not working yet)
I created an IPSec firewall rule to allow devices in the Greece office to access all networks:
Do I also need to create custom routes? And if yes, where: in pfSense or at the Greece office router?
-
Add p2
example:
Office Greece <> Customer 1
Customer 1 <> Office Greece
-
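An added illustration of the phase 2 suggestion above, not part of any post in this thread: with policy-based IPsec, only traffic that matches a phase 2 selector enters a tunnel, so a firewall rule alone does not carry Greece traffic toward a customer. The sketch assumes policy-based tunnels and uses constructed subnets and hypothetical helper names; it models the selectors and does not touch pfSense or EdgeOS.

```python
import ipaddress as ip

# Constructed sample subnets; the thread does not give the real ones.
NETS = {
    "germany": "10.10.0.0/24",    # main office (pfSense hub)
    "greece": "10.20.0.0/24",     # Greece office (EdgeRouter X)
    "customer1": "10.30.0.0/24",  # one customer site
}

def p2(local, remote):
    """One phase 2 entry as a (local network, remote network) pair."""
    return (ip.ip_network(NETS[local]), ip.ip_network(NETS[remote]))

def mirror(entry):
    """The entry the far end of the tunnel must carry (local/remote swapped)."""
    return (entry[1], entry[0])

def hub_side_p2(spoke_a, spoke_b):
    """P2 entries to add on the hub, keyed by the tunnel they belong to."""
    return {spoke_a: p2(spoke_b, spoke_a), spoke_b: p2(spoke_a, spoke_b)}

def matches(entries, src, dst):
    """True if packet src -> dst falls inside any (local, remote) selector."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return any(s in local and d in remote for local, remote in entries)

def greece_router_selectors(with_extra_p2):
    """Selectors on the Greece router, before and after the extra P2."""
    entries = [p2("greece", "germany")]  # existing tunnel to the main office
    if with_extra_p2:
        entries.append(mirror(hub_side_p2("greece", "customer1")["greece"]))
    return entries

if __name__ == "__main__":
    src, dst = "10.20.0.5", "10.30.0.9"  # Greece host -> customer host
    for extra in (False, True):
        ok = matches(greece_router_selectors(extra), src, dst)
        print(f"extra P2 on Greece tunnel: {extra} -> enters tunnel: {ok}")
    for tunnel, (local, remote) in hub_side_p2("greece", "customer1").items():
        print(f"hub, tunnel to {tunnel}: local {local} remote {remote}")
```

Each customer tunnel needs its own pair of entries, and the customer's firewall still has to permit the Greece subnet.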
@Zawi
Thanks, makes total sense. I did not think about this and will try this on Monday and post my findings ;).
-
@Zawi said in Access from IPSec site to other IPSec site:
Add p2
example:
Office Greece <> Customer 1
Customer 1 <> Office Greece

While configuring this, I noticed that this is not what we want, as we would need to set up a p2 for each customer-Greece office relation. Both the customer and the Greece office are already connected to our main office. We want to "route" the traffic from our Greece office to our customer via our main office.