Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense and IPSEC lan to lan: a big doubt about the correct implementation

    Scheduled Pinned Locked Moved General pfSense Questions
    83 Posts 3 Posters 7.9k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Online
      stephenw10 Netgate Administrator
      last edited by

      Just a hard limit to allow other traffic outside the tunnel?

      M 1 Reply Last reply Reply Quote 0
      • M Offline
        mauro.tridici @stephenw10
        last edited by

        @stephenw10

        Mmmh, just a way to limit the traffic through the tunnel.
        Now, the IPSEC tunnel has a very good throughput and I already know that users will saturate this channel with their data transfer sessions from LAN at site A to LAN at site B.

        1 Reply Last reply Reply Quote 0
        • stephenw10S Online
          stephenw10 Netgate Administrator
          last edited by

          Then I would use a Limiter outbound on the IPSec interface at either end.

          https://docs.netgate.com/pfsense/en/latest/trafficshaper/limiters.html

          You could also apply that inbound on the source interface if that's known at both ends. Either way it's better to limit at the sending end than receiving.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.