Multi IPSEC to 3 Branch offices

  • Hi Guys,

    We have 3 branch offices A and B and C.

    A is the master office and we want to build a IPsec tunnel from B and C to A in order to access the servers behind the Office A.
    on the Office A we are already using openVPN tunnel for the users to access the servers when they are on the road.

    on the 3 offices are using a Pfsense Hardware , CPU I5, Memory 8GB, SSD 120 HDD.
    is this even possible to use ?
    Please advise if there is a secure way to do so.

    Thank you

  • Rebel Alliance Developer Netgate

    Yes, that works fine, provided you setup all of the appropriate Phase 2 entries in IPsec and routes in OpenVPN.

    For example, your IPsec tunnels would need to have phase 2 entries such as:

    Site A<->B: P2 for A-B, OpenVPN-B
    Site A<->C: P2 for A-C, OpenVPN-C
    OpenVPN: Local network set for A, B, and C

    And if you want B and C to reach each other through A, you'll need additional P2 entries to cover B-C / C-B on the appropriate tunnels and in the proper direction.

Log in to reply