Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Some doubts about IPsec VPN / tunel configuration.

    IPsec
    1
    1
    203
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ramses.sevilla
      last edited by ramses.sevilla

      Hi everybody.

      I have some doubts with IPsec configuration and Firewall Rules with IPsec:

      • First.- I have configured a IPsec VPN with a remote firewall with NAT/BINAT and It's works fine.

      But I have a problem...

      I can configure one Remote Network, and only one, in the second phase (Phase 2) of the configuration of IPsec but I need reach several networks, for instance:

      Remote Networks: 10.10.10.0/24, 172.18.18.0/24 and 192.168.20.0/24

      If I configure each of these networks, I can reach the hosts wothout problems. But, how can I configure the firewall to reach all these networks at once?

      The only thing that cames to mind now is, for instance:

      • Configure one of the networks that I need reach (10.10.10.0/24) as Remote Network in the IPsec configuratios.
      • That in the Remote Network there is a Gateway (10.10.10.254) that know the networks 72.18.18.0/24 and 192.168.20.0/24.
      • Add one Gateway (10.10.10.254) in the Local Firewall.
      • Add two Static Routes sending the traffic to the reachable networks desired to the Gateway added (10.10.10.254).

      Do you know if this will work fine or It's a wrong idea and there are another best way to do this?

      • Second.- When the IPsec VPN is UP, how can I block all traffic from the remote site to my local site throught th VPN?

      Best regards

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.