"routing" to network behind/beside ipsec tunnel



  • hi,

    i've a setup as following:

    NETWORK A  <-LAN-> IPSEC-ROUTER <-IPSEC over WAN-> PFSENSE <-LAN-> NETWORK B
                                                               <-LAN-> NETWORK C

    NETWORK A = 10.10.0.0/24
    IPSEC-ROUTER = 10.10.0.1/24 & one public ip
    PFSENSE = 10.10.1.1/24, 10.10.2.1/24 & one public ip
    NETWORK B = 10.10.1.0/24
    NETWORK C = 10.10.2.0/24

    the ipsec tunnel is working properly. NETWORK A and B can share information.
    for the lack of supporting more than one phase 2 entry at the IPSEC-ROUTER in NETWORK A i need a solution to reach NETWORK C from NETWORK A and vice versa. the IPSEC-ROUTER is an AVM Fritzbox 7390 with a custom ipsec implementation. i can configure the Fritzbox to send packets to NETWORK C over the IPSEC tunnel as described here.

    how can i configure PFSENSE in order to accomplish information exchange between NETWORK A and NETWORK C?


  • Rebel Alliance Developer Netgate

    On 2.0 you can just add a second phase 2 definition to cover that extra subnet. On 1.2.3 it's a little trickier but it can work:

    http://doc.pfsense.org/index.php/IPsec_with_Multiple_Subnets



  • thx supernetting works!
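
Added example, not part of the thread and not pfSense or Fritzbox code: a Python sketch that works out the single subnet a lone phase 2 entry would need to cover NETWORK B and NETWORK C, and lists what else that selector matches. It assumes "supernetting" here means replacing the two /24s with one wider CIDR block; the function names are hypothetical.

```python
import ipaddress


def smallest_supernet(subnets):
    """Return the smallest single CIDR block containing every given subnet."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()  # widen by one prefix bit
    return candidate


def review_selector(far_side_lan, wanted_subnets):
    """Describe the supernet selector and the address space it covers
    beyond the subnets that were actually meant to be reachable."""
    far_side = ipaddress.ip_network(far_side_lan)
    wanted = [ipaddress.ip_network(s) for s in wanted_subnets]
    selector = smallest_supernet(wanted_subnets)

    # Carve each wanted subnet out of the selector; what remains is extra.
    extra = [selector]
    for w in wanted:
        remaining = []
        for block in extra:
            if w.subnet_of(block):
                remaining.extend(block.address_exclude(w))
            else:
                remaining.append(block)
        extra = remaining

    return {
        "selector": str(selector),
        "overlaps_far_side_lan": selector.overlaps(far_side),
        "extra": [str(n) for n in sorted(extra)],
    }


if __name__ == "__main__":
    # Addresses taken from the first post: A is the Fritzbox LAN,
    # B and C sit behind pfSense.
    report = review_selector("10.10.0.0/24", ["10.10.1.0/24", "10.10.2.0/24"])
    for key, value in report.items():
        print(f"{key}: {value}")
```

With the addresses from the first post the selector comes out as 10.10.0.0/22, which also contains NETWORK A's own 10.10.0.0/24 and the unused 10.10.3.0/24, so firewall rules on the tunnel should still name the two intended /24s rather than the whole supernet.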

