"routing" to network behind/beside ipsec tunnel

ahorn

hi,

i've a setup as following:

NETWORK A  <-LAN-> IPSEC-ROUTER <-IPSEC over WAN-> PFSENSE <-LAN-> NETWORK B
                                                                                            <-LAN-> NETWORK C

NETWORK A = 10.10.0.0/24
IPSEC-ROUTER = 10.10.0.1/24 & one public ip
PFSENSE = 10.10.1.1/24, 10.10.2.1/24 & one public ip
NETWORK B = 10.10.1.0/24
NETWORK C = 10.10.2.0/24

the ipsec tunnel is working properly. NETWORK A and B can share informations.
for the lack of supporting more then one phase 2 entry at the IPSEC-ROUTER in NETWORK A i need a solution to reach NETWORK C from NETWORK A and vice versa. the IPSEC-ROUTER is a AVM Fritzbox 7390 with a custom ipsec implementation. i can configure the Fritzbox to send packets to NETWORK C over the IPSEC tunnel as described here.

how can i configure PFSENSE in order to accomplish information exchange between NETWORK A and NETWORK C?

jimp

On 2.0 you can just add a second phase 2 definition to cover that extra subnet. On 1.2.3 it's a little trickier but it can work:

http://doc.pfsense.org/index.php/IPsec_with_Multiple_Subnets

ahorn

thx supernetting works!