Need advice or help with IPSec routing setup



  • Hey guys, I have the setup; you can find the pic attached.
    We have a pfSense on our site, and here are some additional details:
    My_IPSec_Endpoint - an external IP address.
    Customer_IPSec_Endpoint - an external IP address
    Between these two endpoints, we have a Phase 1 established
    Local_IPSec_Net: 10.220.1.72/29
    Customer_IPSec_Net: 10.224.0.0/14
    Between these two subnets, a Phase 2 is established.
    I have VLAN-tagged traffic for the Device network:
    10.253.183.0/24 with GW 10.253.183.254/24
    I am faced with the problem of organising routing from the Device Network through the Local IPSec net to the customer, but without NATing through IPSec.
    Any recommendations are welcome.
    The problem that I could see here is that I have a subnet on my site but do not have a gw for it, and I couldn't set up that gw because I am not able to assign it to an interface to route all the traffic through it.
    Thanks in advance.