1. Home
  2. pfSense® Software
  3. IPsec
  4. Mobile IPSec: let the user choose between 0.0.0.0/0 or only our internal net through VPN

Mobile IPSec: let the user choose between 0.0.0.0/0 or only our internal net through VPN

  • L

    Hi,

    our mobile users sometimes need to use our VPN for privacy purposes (e.g. in hotels) where all traffic should go through our box.

    At the same time, when they're at home or the distributed offices, they only need some internal nets going through our VPN - having the local subnet of 0.0.0.0/0 cuts them off from their multicast-dns-domains for e.g. TimeMachine backups or the local AppleTV, so the local subnet should be limited to our internal networks. Bonus points if name resolution for our internal domains goes through the pfsense-Nameserver, and all other domains somewhere else.

    I can configure our IKEv2-VPN for either 0.0.0.0/0 or our internal net, but so far I've been unable to implement both ways at the same time on the same external interface.

    Is that even possible? If so, how?
    Kind regards,
    Lukas

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy