4. Simple policy route

Simple policy route

  • X

    Hi all

    i'd like to route a destination ip over ipsec to my other gateway. I'm used to do it over the policy route with a zywall 5 - but i just cant find anything in the pfsense that resembles this. I have seen that you can add a gateway in a firewall rule, but i can only choose default. Can i define my other gateways internal ip adress somewhere so i get them in the drop down list??

    how is it done - if it can be done?

    0
  • Rebel Alliance Developer Netgate

    There isn't any way in the firewall rules to apply that kind of policy for IPsec.

    If you make the IP you want to go over IPsec the remote side of the IPsec phase 2 subnet, that would do the trick.

    This isn't so easy on 1.2.3, but on 2.0 you can just add an additional Phase 2 entry to match the traffic.

    0
  • X

    thx, that might work. The problem there is that i can not specify single ip adresses so i would need to define a subnet of an external ip range … tricky...

    0
  • Rebel Alliance Developer Netgate

    On 2.0 you can do it by either picking 'address' for the type, or just enter x.x.x.x/32 for a single IP. On 1.2.3 just do x.x.x.x/32.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy