Routing radius thru IPSEC
-
Hi Guys, I have an issue that is driving me nuts and would like to get some ideas on how to handle it.
My setup is as follows:

pfS #2 - Captive Portal
-------
WAN ip public
Lan 192.168.254.1
Wireless_Lan 192.168.253.1
IPSec - to pfS #1

pfS #1 - Master
-------
WAN ip public
Lan 192.168.10.1
Wireless_Lan 192.168.20.1
IPSec to pfS #2

pfS #2 is running captive portal with RADIUS authentication and pfS #1 has FreeRADIUS running on Lan. I would like it to send all RADIUS traffic to pfSense #1 thru the IPSec tunnel, but I have not been able to. I can ping pfS #1 Lan and wireless and vice versa with no issues. I also have the IPSec tunnel set to allow any traffic. I have tried putting a rule in the NAT outbound of #2, but to no avail; I probably didn't have the syntax correct. I would appreciate any pointers.
Thnx
Dickie
-
Well, after a few hours of reading and googling, I have come up with a way that works... Is it right? Not sure, but it works.
On the captive portal router, I have set a new gateway with a non-local route (under advanced settings) and address of 192.168.20.1, then I set up a static route to send all traffic for 192.168.10.18/32 thru the new non-local gateway. Finally, I have set a new rule under the WAN to only allow 192.168.10.18/32 ports 1812 & 1813.
And poof, it works.
I hope this helps anyone else that is trying to do something like this :-)
Dickie