Netgate Discussion Forum

    DHCP-Relay over RoutedVTI IPsec ?

      TimL

      Hello,

      I'm new to the netgate forum.

      I've done some extensive reading and googling, and right now I'm testing a setup with 1 pfSense box connected with a RoutedVTI IPsec tunnel to our main Watchguard appliance (M470).

      We have about 5 external locations which will get connected this way.

      The only problem I experience with pfSense is the DHCP (relay) settings:
      2 issues here:

      • No DHCP relay possible when DHCP server is active on 1 (VLAN) interface.
        I can work around this issue, but it's an annoyance.
        For example: I don't want 500 public IPs relaying to our internal DHCP-server.
        All public traffic should be blocked to internal devices.

      • Getting DHCP-Relay to work over the RoutedVTI IPsec tunnel.
        I've read everywhere that it can't be done over a normal IPsec, but it should be possible over a routedVTI IPsec.
        I can't seem to find anyone who actually has it working this way, so I wonder if it should be possible on the pfSense natively.

      We don't have L3 switches or IP-helper / relay capable switches.

      The alternative is that I use each pfSense box for all DHCP-services, which is less transparent for managing internal devices at external locations :)

      Thanks in advance for reading and advising.

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.