Multiple VTI IPSEC tunnels with /30 on same 192.168.X.0 ?
-
Hello,
I have a pfsense 2.4.5 in my datacenter, it handle multiple ipsec site-2-site tunnels.
i tried to use a /30 for 2 of them and it break everything.Example for P2 :
siteA : 192.168.34.1/30 -> siteB 192.168.34.2/30
siteA: 192.168.34.5/30 -> siteC 192.168.34.6/30With these configuration i can't have both tunnel up, it's siteA <-> siteB or siteA <-> siteC
To fix these i have to change adresse used in P2 :
siteA : 192.168.49.1/30 -> siteB 192.168.49.2/30
siteA: 192.168.34.5/30 -> siteC 192.168.34.6/30did i miss something ?
May be it's because one my client is not on latest version ? (2.4.4-p2)
Thanks
Yathus
-
@yathus said in Multiple VTI IPSEC tunnels with /30 on same 192.168.X.0 ?:
May be it's because one my client is not on latest version ? (2.4.4-p2)
That is likely the case. Some older versions didn't properly respect the configured subnet mask for VTI interfaces. Update both to a current version and try again.