Netgate Discussion Forum

    Trying to reach a site via VPN tunnel on another local IP 192.

      danros

      Hi.
      I managed to set up a VPN tunnel to another network via the Internet.
      It's set up with IPsec.
      Phase: 1
      Remote Gateway 185.79.247.118
      Phase: 2
      Local subnet: 172.25.0.0/22
      Remote subnet: 192.168.251.110/32

      If I do
      route add 192.168.251.110 MASK 255.255.255.255 172.25.0.99
      it works to ping 192.168.251.110. But I want to do that directly in pfSense. Is there any way to do that?

        corradolab

        I assume your pfSense is not the default gateway of network 172.25.0.0/22.
        This way your hosts will never connect to pfSense until instructed to do so.

        How to do that depends on your network setup.
        For example, you could use DHCP, Active Directory Group Policies or a logon script to automatically push the new route to all hosts.

        You could also add a static route on the default gateway.
        This way your hosts will connect to the "wrong" default gateway, but it will route the packets to the right one.
        Often it will also send an ICMP Redirect message to the hosts to inform them about the "right" router.

        Regards,
        Corrado

          Derelict LAYER 8 Netgate

          If pfSense is not the default gateway of the host that you are adding that route to, then you need the route there. IP Networking 101 and nothing to do with pfSense.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)
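
The routing behaviour the two replies describe, as an added example that is not part of the original thread: a longest-prefix-match trace of a packet to 192.168.251.110 with no extra route, with the route on the host, and with a static route on the default gateway. It assumes 172.25.0.99 is pfSense's LAN address and uses a hypothetical default gateway address of 172.25.0.1; the helper names are made up for the illustration.

```python
import ipaddress

# Constructed model. Addresses marked "assumed" are not from the thread.
TARGET = "192.168.251.110"      # Phase 2 remote subnet (/32)
PFSENSE = "172.25.0.99"         # next hop from the thread's route command (assumed to be pfSense)
DEFAULT_GW = "172.25.0.1"       # assumed address of the LAN's default gateway
LAN = "172.25.0.0/22"           # Phase 2 local subnet

def next_hop(table, dst):
    """Longest-prefix match: next hop of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(prefix), hop) for prefix, hop in table]
    matches = [(net, hop) for net, hop in nets if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def build(host_route=False, gateway_route=False):
    """Routing tables for a LAN host, the default gateway and pfSense."""
    tunnel = (TARGET + "/32", PFSENSE)
    host = [(LAN, "on-link"), ("0.0.0.0/0", DEFAULT_GW)]
    gateway = [(LAN, "on-link"), ("0.0.0.0/0", "wan")]
    # The IPsec Phase 2 policy is modelled as a route for simplicity.
    pfsense = [(LAN, "on-link"), (TARGET + "/32", "ipsec")]
    if host_route:
        host.append(tunnel)
    if gateway_route:
        gateway.append(tunnel)
    return {"host": host, DEFAULT_GW: gateway, PFSENSE: pfsense}

def trace(tables, dst=TARGET, start="host", limit=8):
    """Follow next hops until the packet leaves via 'ipsec', 'wan' or is dropped."""
    hops, node = [start], start
    for _ in range(limit):
        hop = next_hop(tables[node], dst)
        hops.append(hop)
        if hop not in tables:
            break
        node = hop
    return hops

if __name__ == "__main__":
    print("no extra route:   ", trace(build()))
    print("route on host:    ", trace(build(host_route=True)))
    print("route on gateway: ", trace(build(gateway_route=True)))
```

Only the traces that end in `ipsec` reach the tunnel; without either route the packet follows the default route out the other gateway.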
