Only 2 P2 possible simultaneously, more breaks the connection
-
Please bear with me as this is my first time setting up IPsec.
My initial problems with setting up my network are described here: https://forum.netgate.com/topic/159307/help-me-add-access-to-ipsec-site-b-via-openvpn-rw-site-a
I've decided to start a new thread, to hopefully attract more eyes to it, as I still have problems (last post in my initial thread).
Here is the situation:
Site B is a remote IPsec server, no access from me, so I have to work with what I have.
Site B is 10.0.1.0/24
Due to their restrictions the tunnel has to be NATed to 10.201.0.0/16.
I have 3 subnets on site A (1 x LAN and 2 x openvpn server) that are added as P2 IPsec:
LAN: local 192.168.0.0/24 - BINAT 10.201.0.0/24 - remote 10.0.1.0/24
OVPN: local 192.168.200.0/24 - BINAT 10.201.200.0/24 - remote 10.0.1.0/24
OVPN2: local 192.168.201.0/24 - BINAT 10.201.201.0/24 - remote 10.0.1.0/24
It works, but only 2 P2s can be up simultaneously. If the 3rd P2 gets connected, then one of the previous ones drops its connection. As long as there are only 2 P2s enabled, it works flawlessly.
Site B has no restriction and we suspect it's something with either pfsense or our settings.
But what could it be?
-
Turns out our issue was related to network settings. As the remote subnet was /24 and I had 3 local subnets connected to it, pfsense did not like this.
Anyhow, changed all three P2s into a single one: 192.168.0.0/16 BINAT 10.201.0.0/16 remote 10.0.0.0/16
and now it works flawlessly!
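
An added example, not part of the original posts: a Python check that the single /16 P2 from the final post covers the three original /24 entries and that 1:1 BINAT still maps every host to the same translated address after the merge. The helper names `binat` and `check_merge` are hypothetical; the subnets are the ones quoted in the thread.

```python
import ipaddress as ip

# P2 entries as posted in the thread: (local, BINAT, remote)
ORIGINAL_P2S = [
    ("192.168.0.0/24", "10.201.0.0/24", "10.0.1.0/24"),
    ("192.168.200.0/24", "10.201.200.0/24", "10.0.1.0/24"),
    ("192.168.201.0/24", "10.201.201.0/24", "10.0.1.0/24"),
]
MERGED_P2 = ("192.168.0.0/16", "10.201.0.0/16", "10.0.0.0/16")


def binat(addr, local, nat):
    """Translate addr 1:1 from local to nat, keeping its offset in the network."""
    local, nat = ip.ip_network(local), ip.ip_network(nat)
    if local.prefixlen != nat.prefixlen:
        raise ValueError("BINAT needs equal prefix lengths on both sides")
    addr = ip.ip_address(addr)
    if addr not in local:
        raise ValueError(f"{addr} is outside {local}")
    return nat.network_address + (int(addr) - int(local.network_address))


def check_merge(originals, merged):
    """Return a list of problems; an empty list means the merged P2 is equivalent."""
    m_local, m_nat, m_remote = (ip.ip_network(n) for n in merged)
    problems = []
    for local, nat, remote in originals:
        l, n, r = (ip.ip_network(x) for x in (local, nat, remote))
        if not n.subnet_of(m_nat):
            problems.append(f"{n} not inside merged BINAT {m_nat}")
        if not r.subnet_of(m_remote):
            problems.append(f"{r} not inside merged remote {m_remote}")
        if not l.subnet_of(m_local):
            problems.append(f"{l} not inside merged local {m_local}")
            continue
        # The mapping is linear, so agreeing at both ends means agreeing everywhere.
        for host in (l.network_address, l.broadcast_address):
            if binat(host, local, nat) != binat(host, merged[0], merged[1]):
                problems.append(f"{host} translates differently after the merge")
    return problems


if __name__ == "__main__":
    for problem in check_merge(ORIGINAL_P2S, MERGED_P2) or ["merge is equivalent"]:
        print(problem)
```

An empty result means the remote side sees each host under the same translated address as before, so existing rules keyed on the 10.201.x.x addresses still match.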