Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPSec tunnel, gateway routes, create gateway

    IPsec
    1
    1
    96
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      klmbees last edited by

      I have successfully established an IPSec tunnel between a home office site and a branch site. The branch site firewall was recently replaced by a pfsense whitebox as the existing firewall was no longer meeting the demands of the business.

      The tunnel is established as follows:
      SITEA = pfsense - BRANCH OFFICE
      SITEB = (other guys firewall) - HEADQUARTERS

      tunnels are ESTABLISHED routing some local subnets. Currently, SITEA internet traffic egresses through SITEA WAN, and Site B does the same.

      I need traffic from ONLY CERTAIN subnets/vlans within SITEA (but not its entire summary) to egress VIA THE IPSEC TUNNEL and to SITEB for internet-bound traffic.

      As I understand it, I can do this via advanced firewall rule "change gateway to" - but I cannot figure out how to make a gateway that exists at SITE B on the pfsense. I tried routing 0.0.0.0/0 over the ipsec tunnel, broke routing on the pfsense at SITEA.

      any help is appreciated.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post