Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec Site-to-site with same LAN IP Range

    IPsec
    2
    2
    335
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AntonioR
      last edited by

      Hi!
      I need a IPSec tunnel between my LAN (with pfSense 2.4.5) and other LAN (with Fortinet, I'm not sure, but it's not pfSense). The IT of the other company tells to me the both LANs is in the same range (192.168.0.X), and the IPSec doesn't work. They say me put another IP address, or create NAT. How?
      The other company suggest me the next schema:
      My LAN (192.168.0.X) ---Translate to 192.168.10.x for example <--- IPSec ---> LAN 'of them' (192.168.0.X)
      Can I put another IP Range to my LAN? How can both see, or comunicate?
      Thanks

      B 1 Reply Last reply Reply Quote 0
      • B
        bennyc @AntonioR
        last edited by

        @antonior
        NAT in IPSec is done in your Phase 2 config.

        see: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html#phase-2-settings
        and: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/phase-2-nat.html

        4x XG-7100 (2xHA), 1x SG-4860, 1x SG-2100
        1x PC Engines APU2C4, 1x PC Engines APU1C4

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.