Site to Sire setup with more than one external IP address
-
Hello all,
I am trying to setup another site-site IPsec channel (I already have several IPsec channels up/running no problems, using my main IP1 external IP). Internet connections at both sites have more than one external IP addresses, as well as the main IP address (which all external traffic uses except for those with one-one NAT rules for a few servers etc).
I want to setup the new channel to use one of the other external IP addresses (IP2), not the main one (IP1).
I have setup the PfSense side as using the external IP address I want (say ip2) as the Local ID, and this shows up under status no problems, however the Local IP under status is still IP1 (not IP2), traffic is showing up on the other site as IP1 (not IP2).The only gateway I have is the one assigned through the PPOE connection. Do I need to add IP2 as a gateway, if so how do I assign it to this IPsec channel only? Or do I use a route? No idea what to do here to get the IPsec traffic out of IP2.
Any help appreciated.
-
You should be able to select a specific VIP in the Interface pulldown in the Phase 1.
-
Thank you.
Ok, I created a VIP alias and the label IP and the connection starts with the correct IP addresses.
However in the IPsec logs I receive the following error.
"06[NET] <con2000|506>sending packet: from VIP[500] to site2-IP[500] (400 bytes)
"03[NET] error writing to socket: Can't assign requested address"And the packets don't show up at the second site (which is expected if the error description is accurate).
Any idea what I haven't configured correctly?</con2000|506>
