• I have successfully set up a tunnel between two sites, but I am having trouble accessing my 2nd device at the end of the tunnel.

    Local = 192.168.31.0
    Remote = 192.168.44.0

    I only have 2 remote devices, and pfSense is 4-port, so I bridged LAN/OPT1 to keep both devices on the same subnet. (I used exactly the same procedure for this as on my local pfSense device, which works.)

    For some reason(?), device 2 never picked up a DHCP lease, so wasn't reachable. For troubleshooting, I removed the bridge and created:
    Remote2 = 192.168.43.0 on OPT1

    Device 2 now has an IP address in this scope.

    To talk to this device locally, do I just need to add another P2 to my existing (and connected) P1 IPsec tunnel, or is that not how it should work?

    P2 = 192.168.31.0 > 192.168.43.0 (and also at the other end?)

    Many thanks,


  • I can now add that I am able to successfully access the device via OpenVPN.

    This will do as a temporary solution, but it is much easier to have the device permanently accessible via IPsec on the same subnet.

    If I leave OPT1 on an independent DHCP scope, then I have a dozen forwards/redirects to consider (and verify).


  • The second P2 (may have) needed a reboot to come up.

    It is now working successfully on the independent OPT1 subnet via IPsec.

    I tried a restart of the IPsec service, at both ends - that didn't help.

    A reboot, which presumably shouldn't have been necessary(?), did the trick.

    Hope this helps…
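
The question in the thread (whether a second P2 is needed, and at both ends) can be checked offline by modelling each firewall's Phase 2 selectors. This is an added example, not part of the original posts and not pfSense code; the /24 masks and the two host addresses are assumptions, since the thread gives only the network addresses.

```python
import ipaddress
from typing import NamedTuple


class P2(NamedTuple):
    """One Phase 2 entry as seen from one firewall."""
    local: ipaddress.IPv4Network
    remote: ipaddress.IPv4Network


def p2(local: str, remote: str) -> P2:
    return P2(ipaddress.ip_network(local), ipaddress.ip_network(remote))


def covering_p2(entries, src: str, dst: str):
    """Return the first P2 whose selectors cover src -> dst, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for e in entries:
        if s in e.local and d in e.remote:
            return e
    return None


def unmirrored(site_a, site_b):
    """Selector pairs (from site A's point of view) lacking a mirror on the other end."""
    a = {(e.local, e.remote) for e in site_a}
    b = {(e.remote, e.local) for e in site_b}
    return sorted(a ^ b)


# Assumption: /24 masks (the thread gives only the network addresses).
LOCAL_BEFORE = [p2("192.168.31.0/24", "192.168.44.0/24")]
REMOTE_BEFORE = [p2("192.168.44.0/24", "192.168.31.0/24")]
LOCAL_AFTER = LOCAL_BEFORE + [p2("192.168.31.0/24", "192.168.43.0/24")]
REMOTE_AFTER = REMOTE_BEFORE + [p2("192.168.43.0/24", "192.168.31.0/24")]

# Constructed host addresses: a local client and device 2 on OPT1.
CLIENT, DEVICE2 = "192.168.31.10", "192.168.43.20"

if __name__ == "__main__":
    print("before:", covering_p2(LOCAL_BEFORE, CLIENT, DEVICE2))
    print("after: ", covering_p2(LOCAL_AFTER, CLIENT, DEVICE2))
    print("one end only:", unmirrored(LOCAL_AFTER, REMOTE_BEFORE))
    print("both ends:   ", unmirrored(LOCAL_AFTER, REMOTE_AFTER))
```

With only the original 192.168.31.0 > 192.168.44.0 entry, no selector covers traffic to the OPT1 subnet; adding the second P2 at one end alone leaves a selector pair with no mirror on the peer.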