Pfsense box reach the remote network

Pernahajder

I have 2 pfsense boxes and an IPSEC between the two boxes. I wold like to reach the remote network from the pfsens box. Is it possible?

viragomann

A VPN is intend to reach a remote network device through a secure tunnel across an insecure network.
Of course that's possible.

Configure the IPSec phase 2 on both sites according to your networks and add firewall rules to allow the desired access.

Pernahajder

Thank you for your reply! I have two subnets 10.10.1.0/24 and 10.11.1.0/24. These two subnets are connected via IPSEC with two pfsense box 10.10.1.1 and 10.11.1.1 lan address. From these subnets the computers can communicate.
I would like to reach the 10.11.1.0/24 subnet from the 10.10.1.1 pfsense box which serving the IPSEC tunnel.

viragomann

The IPSec setup is explained well and detailed in the docs: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configuring-a-site-to-site-ipsec-vpn.html

In short, assuming you have
Site1 with LAN: 10.10.1.0/24

Site2 with LAN: 10.11.1.0/24

So set the phase 2 at site 1:
Local Network: 10.10.1.0/24
Remote Network: 10.11.1.0/24

At site 2 set the phase 2 the other way round:
Local Network: 10.11.1.0/24
Remote Network: 10.10.1.0/24