Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC able to push route like OpenVPN?

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 5.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      super_apple
      last edited by

      Hi all,

      I have configured IPSEC mobile access and I am up and running and able to hit anything behind the firewall via the IPsec tunnel for mobile clients. My question is, can you push routes for external hosts like you can in OpenVPN config? I am trying to push traffic for external hosts in remote locations over the tunnel. This is easily done with "push route" in OpenVPN but I do not know if/how this can be done in IPsec.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        No, you can't route traffic quite the same way with IPsec as you can with OpenVPN.

        With mobile tunnels this is a little more relaxed, but you still need to specify these subnets for the tunnel on the client side. If these networks are not locally reachable by pfSense you will also need to add manual NAT rules which will NAT the traffic from your mobile client IP(s) out the pfSense WAN.

        This is a little better in 2.0 where you can specify to send a list of accessible networks to the IPsec client, but you still can't specify arbitrary subnets.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.