[SOLVED] 2 IPSec tunnels with same remote network



  • Hello,

    I have a pfSense box in network 10.100.100.0/24. I also have an IPsec tunnel with a remote site which has the 192.168.0.0/24 network, so it can access network 10.100.100.0/24 and the reverse. Now I want to create another tunnel with another remote site that also has the same network, 192.168.0.0/24, as the first remote site. Is this possible?

    Thanks a lot


  • Netgate

    They need to NAT on their side. If those two sites need to communicate they both need to NAT.

    This is why you don't deploy 192.168.0.0/24 into production.



  • @Derelict:

    They need to NAT on their side. If those two sites need to communicate they both need to NAT.

    This is why you don't deploy 192.168.0.0/24 into production.

    No need for both sides to communicate. So we only need NAT on their side? In pfSense, will I enter the NAT subnet or IP in the interesting traffic?

    Thanks a lot


  • Netgate

    Their Phase 2:

    Local: 192.168.0.0/24
    NAT: 192.168.100.0/24
    Remote: 10.100.100.0/24

    Your Phase 2:

    Local: 10.100.100.0/24
    Remote: 192.168.100.0/24

    To you, they will look like 192.168.100.0/24.
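
    Added example, not part of the original posts: a Python check that flags Phase 2 remote networks that collide across tunnels, and shows which address a host behind the NATed site appears as from the 10.100.100.0/24 side. The site names and the host 192.168.0.25 are constructed, and the 1:1 host mapping assumes the Local and NAT networks have the same prefix length, as in the Phase 2 above.

```python
import ipaddress


def overlapping_remotes(tunnels):
    """Return pairs of tunnel names whose Phase 2 remote networks overlap."""
    nets = [(name, ipaddress.ip_network(cidr)) for name, cidr in tunnels.items()]
    return [(a, b)
            for i, (a, net_a) in enumerate(nets)
            for b, net_b in nets[i + 1:]
            if net_a.overlaps(net_b)]


def translated(host, local, nat):
    """Map a host in `local` to its address in `nat` (1:1, equal prefix length)."""
    local = ipaddress.ip_network(local)
    nat = ipaddress.ip_network(nat)
    host = ipaddress.ip_address(host)
    if local.prefixlen != nat.prefixlen:
        raise ValueError("1:1 mapping needs equal prefix lengths")
    if host not in local:
        raise ValueError(f"{host} is not in {local}")
    # Keep the host part, swap the network part.
    offset = int(host) - int(local.network_address)
    return str(nat.network_address + offset)


# Constructed tunnel tables as seen from the pfSense side (Phase 2 "Remote").
BEFORE = {"site_a": "192.168.0.0/24", "site_b": "192.168.0.0/24"}
AFTER = {"site_a": "192.168.0.0/24", "site_b": "192.168.100.0/24"}

if __name__ == "__main__":
    print("conflicts without NAT:", overlapping_remotes(BEFORE))
    print("conflicts with NAT on site_b:", overlapping_remotes(AFTER))
    print("site_b host 192.168.0.25 appears as",
          translated("192.168.0.25", "192.168.0.0/24", "192.168.100.0/24"))
```

    Firewall rules and logs on the 10.100.100.0/24 side will show the translated addresses for the second site, so the same mapping is needed when reading them.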



  • Thanks a lot for your help !