Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using a VIP as a IPSec endpoint IP ?

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    1
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hessie
      last edited by

      I've got my pfSense up an running with 192.168.1.0/24 as LAN.

      Now I'd like to add an IPSec Tunnel with given parameters from a client.
      This tunnel needs that my endpoint is not 192.168.1.1 but 172.10.10.1. I cant change my LAN subnet or the IPSec Configuration.

      Is this possible with a VIP ? CARP or PARP ? From my understanding of reading the docs it should be CARP, but CARP has to be in the same subnet as my mainnet, put PARP does not reply on ICMP, does that matter ?

      Will pfSense be able to establish the tunnel this way and talk to the remote route which expects 172.10.10.1 as my IP ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • First post
        Last post