ipsec pfsense asa with 2 local networks



  • Hey All,

    I have problems getting the following ipsec setup running:

    local (pfsense 2.4.5) with local networks 192.168.1.0/24 and 172.20.1.0/24
    remote (asa 5512 9.9) with remote network 192.168.2.0/24

    I can establish phase 1 with success

    I have defined 2 phase-2 entries on local pfsense, both tunnel ipv4.

    1. local network 192.168.1.0/24 remote network 192.168.2.0/24
    2. local network 172.20.1.0/24 remote network 192.168.2.0/24

    On the Cisco ASA I defined a crypto map for:
    Source: 192.168.2.0/24 : destination 192.168.1.0/24, 172.20.1.0/24, Service: IP.

    Ok so far.

    When I disable one of the local phase-2 entries, the activated part is running. So both phase-2 entries are working on their own.

    But with both entries activated, I can (for example) ping 192.168.2.2 only initiated from one interface on my pfsense.

    I have already activated "Split Connections" in the phase 1 definition.

    Where am I short of brain to get this up and running for both local networks?

    Thanks, Lukas

