IPSEC to route all traffic from LAN card



  • hello there,

    Need is to grant our guest network access to internet through a VPN or any point to point connections between pfsense and a Checkpoint UTM. Pfsense and Checkpoint have both access to the LAN. Checkpoint have direct access to internet

    I wonder if it is possible to route all traffic coming from an internal guest network (LAN2,192.168.0.0/16) to the internet firewall through LAN1 (10.1.0.0/16) using IPSEC between guest gateway (pfsense,192.168.0.1+10.1.0.10) and the internet firewall ( Checkpoint UTM,10.1.0.1 )

    Does anyone know ? :)

    Thanks,
    L.


  • Rebel Alliance Developer Netgate

    IPsec doesn't route in that way, unless you're talking about IPsec in transport mode with something else like GRE on top.

    You'd have to setup IPsec with a remote network of 0.0.0.0/0 in order to direct all traffic to go through the tunnel. It's been discussed before, search the forum and doc wiki for more info.


Log in to reply