IPSec / NAT Routing question



  • Hi, I was wondering if it was possible to route all of my LAN's NAT'd traffic through an IPSec tunnel.

    Say I have pfSense as a gateway on Network A, and as a gateway on Network B. If I have IPSec tunnel from Network B to A, can I route all of the LAN traffic under Network B (192.168.2/24) through Network A (192.168.1/24) and out the WAN connection of Network A?



  • Try to build a tunnel with a subnet 0.0.0.0/0 at the end where the traffic should leave the internet. Not sure if this works. Haven't used it with such a big netmask yet but already used it to connect several branch offices through the main office to each other by using a bigger subnetmask.



  • This is something I've been thinking about doing as well, but had no idea where to start.

    Certainly sounds promising.  Would this allow even SMTP traffic from Site A to be routed through Site B's outgoing ISP connection, to allow remote users "local" SMTP access?



  • With that large subnet it should use the pfSense at the other end as default gateway.



  • So this would require a different class address?

    Sticking with non-routable addresses I couldn't quite figure out how to do something past 192.168.20.0 / 255.0.0.0 …


Log in to reply