IPSec (roadwarrior) + VLANs
soul710 last edited by
I have had a working IPSec configuration on my pfSense for several years now, and I can use it from my phone or laptop to connect to the home network from other places.
My internal LAN network is the 10.0.0.0/24 net, but recently, I've added 3 VLANs:
*** Welcome to pfSense 2.4.4-RELEASE-p3 (arm64) on aeon ***
WAN (wan) -> mvneta0.4090 -> v4: 192.168.0.3/24
LAN (lan) -> mvneta0.4091 -> v4: 10.0.0.1/24
IOT (opt1) -> mvneta0.50 -> v4: 10.0.50.1/24
PRIV (opt2) -> mvneta0.60 -> v4: 10.0.60.1/24
GUEST (opt3) -> mvneta0.70 -> v4: 10.0.70.1/24
Now, I can still connect to the IPSec VPN, however, it still lets me only access the LAN net, but none of the VLANs. I've tried googling for solutions, however I can't seem to find the obvious missing configuration which I have to add in order to make it work. When connected to the network directly w/o VPN (ethernet, wifi), I can access all of the VLANs without issues.
I tried adding another phase 2 entry with the IOT net as local subnet, but it didn't help:
Also, there are no firewall rules on the IPSec interface which would prevent traffic to the IOT net:
What do I have to adjust in order to be able to access one of the VLANs from remote when using the IPSec VPN?