DHCP-Relay over RoutedVTI IPsec?
Hello,
I'm new to the netgate forum.
I've done some extensive reading and googling, and right now I'm testing a setup with 1 pfSense box connected with a RoutedVTI IPsec tunnel to our main Watchguard appliance (M470).
We have about 5 external locations which will get connected this way.
The only problem I experience with pfSense is the DHCP (relay) settings:
2 issues here:
- No DHCP relay possible when DHCP server is active on 1 (VLAN) interface. I can work around this issue, but it's an annoyance. For example: I don't want 500 public IPs relaying to our internal DHCP-server. All public traffic should be blocked to internal devices.
- Getting DHCP-Relay to work over the RoutedVTI IPsec tunnel.
I've read everywhere that it can't be done over a normal IPsec, but it should be possible over a routedVTI IPsec.
I can't seem to find anyone who actually has it working this way, so I wonder if it should be possible on the pfSense natively.
We don't have L3 switches or IP-helper / relay capable switches.
The alternative is that I use each pfSense box for all DHCP-services, which is less transparent for managing internal devices at external locations :)
Thanks in advance for reading and advising.