4. Virtual Network for IPSec

Virtual Network for IPSec

  • E

    Hi folks,

    I'm using pfsense 2.0 BETA4 for some tests.

    I have 2 internal networks, LAN (192.168.1.0/24) and DMZ (192.168.10.0/28).

    The thing is that the IPsec is configured on phase 2 to network 192.168.6.0/24 to 10.0.0.0/8 (The client couldn't change this, I'm just the client on Ipsec. =P)

    So when my 192.168.1.0 network try access a 10.0.0.0 network it's needs to pass throught a nonexistent 192.168.6.0 network before get the WAN.

    Is that possible create some kind of virtual network so I can use this Ipsec connection ?

    I'm sorry if here is not the best place to post this.

    Thanks.

    Érico

    0
  • Rebel Alliance Developer Netgate

    It's not easily done in 1.2.3, since you can't do NAT on IPsec.

    What some people do is add another network interface to their main router, and give it an IP in 192.168.6.x. Then setup another pfsense box with its "wan" in 192.168.6.x, and its LAN in one of your existing internal networks. Then set a static route that points traffic to the 10.x network to the "lan" IP of the second router.

    In 2.0 you may be able to setup 1:1 or outbound NAT rules on the IPsec interface to accomplish this, but I haven't tried that yet myself.

    0
  • E

    jimp,

    Thanks for your reply.

    Can you tell me how can I set up this 1:1 or outbound NAT on my IpSec interface ?

    Thank you.

    Érico

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy