Pfsense box reach the remote network



  • I have 2 pfsense boxes and an IPSEC between the two boxes. I would like to reach the remote network from the pfsense box. Is it possible?



  • A VPN is intended to reach a remote network device through a secure tunnel across an insecure network.
    Of course that's possible.

    Configure the IPSec phase 2 on both sites according to your networks and add firewall rules to allow the desired access.



  • Thank you for your reply! I have two subnets, 10.10.1.0/24 and 10.11.1.0/24. These two subnets are connected via IPSEC with two pfsense boxes (LAN addresses 10.10.1.1 and 10.11.1.1). From these subnets the computers can communicate.
    I would like to reach the 10.11.1.0/24 subnet from the 10.10.1.1 pfsense box which is serving the IPSEC tunnel.



  • The IPSec setup is explained well and in detail in the docs: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configuring-a-site-to-site-ipsec-vpn.html

    In short, assuming you have
    Site1 with LAN: 10.10.1.0/24

    Site2 with LAN: 10.11.1.0/24

    So set the phase 2 at site 1:
    Local Network: 10.10.1.0/24
    Remote Network: 10.11.1.0/24

    At site 2 set the phase 2 the other way round:
    Local Network: 10.11.1.0/24
    Remote Network: 10.10.1.0/24

