multi Phase 2 with vti IPsec and tunnel for Site-to-Site IPsec for Internet Traffic

Hello

I have the following setup:
pfSense site A

pfSense site B
WAN (and virtual IP

I have a routed vti IPsec tunnel between site A and site B with static routes for and which is working fine.

Now I wanted to add a site-to-site tunnel for the DMZ on site A and the pfSense on site B. The internet traffic should be routed through the IPsec tunnel.
I followed the following tutorial:

For this scenario I added a second phase 2 entry:

Everything is also configured on the other side.
The traffic from to the internet always uses the gateway on site A, but I want it to be tunneled through the IPsec tunnel to site B. After some time everything breaks and nothing works anymore.

It seems that used the routed vti interface.

Is there something wrong in my configuration?

Thank you.
