IPSEC routing help needed
-
Hello,
I have 3 remote offices and 1 main office, all configured with a pfSense 1.2x router.
Main office 192.168.0.x
Remote office 1 192.168.50.x
Remote office 2 192.168.55.x
Remote office 3 192.168.60.x
I have IPsec tunnels created and each remote office can talk with the main office with no problems.
I cannot communicate however from remote office to remote office. I am using preshared keys.
Can anyone point me in the right direction as to what needs to be configured for remote offices to talk to each other??
-
I believe each remote will need to have an IPSec tunnel to every other remote you want it to communicate with.
Roy…
-
Hi and thanks for the reply,
I was hoping for a little more info. Can anyone provide any examples of how this would be set up? I have tried simply creating additional routes, however it still does not seem to work. Do I only need to create these routes at the 2 remote offices that are unable to communicate with each other?? Do I need to program anything at the main office? Any assistance you could provide would be greatly appreciated.
Thanks!!
Frank
-
You only need to add the additional tunnels I described above. No manually added routes are required.
Roy…
-
Check your firewall as well. Unless you let the LAN talk to any and everything, you need to add a rule to the remote net.
(a) * lan net * 192.168.50.0/24 * *
You'd have to do the same thing on the remote side as well.
If your current firewall rule looks like this…
(b) * lan net * * * *
then you do not need to add any other rules such as (a).
-
If and only if I understood you right. Please see the attached picture ;)
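-
An added example, not part of the original thread: it models each tunnel as a (local subnet, remote subnet) selector pair, assuming policy-based IPsec, to show why remote-to-remote traffic is not carried by the hub-only tunnels and which tunnels and LAN rules the replies above imply. The /24 masks, the site names and the sample host addresses are assumptions.

```python
from ipaddress import ip_address, ip_network
from itertools import combinations

# Site LANs from the thread. The /24 masks are an assumption; the site names are illustrative.
SITES = {
    "main": ip_network("192.168.0.0/24"),
    "remote1": ip_network("192.168.50.0/24"),
    "remote2": ip_network("192.168.55.0/24"),
    "remote3": ip_network("192.168.60.0/24"),
}

def hub_only():
    """Tunnels in the original setup: every remote office to the main office."""
    return {frozenset(("main", s)) for s in SITES if s != "main"}

def full_mesh():
    """One tunnel per pair of sites, as the replies recommend."""
    return {frozenset(pair) for pair in combinations(SITES, 2)}

def selectors(site, tunnels):
    """(local net, remote net) pairs configured on one site's router."""
    pairs = []
    for tunnel in tunnels:
        if site in tunnel:
            (peer,) = tunnel - {site}
            pairs.append((SITES[site], SITES[peer]))
    return pairs

def carried(src, dst, tunnels):
    """True if a packet src -> dst matches a tunnel selector at the source site."""
    src, dst = ip_address(src), ip_address(dst)
    site = next(name for name, net in SITES.items() if src in net)
    return any(src in local and dst in remote
               for local, remote in selectors(site, tunnels))

def missing_tunnels():
    """Tunnels to add on top of the hub-only setup, as sorted site pairs."""
    return sorted(tuple(sorted(t)) for t in full_mesh() - hub_only())

if __name__ == "__main__":
    # Constructed sample hosts in remote office 1 and remote office 2.
    print("hub only :", carried("192.168.50.10", "192.168.55.10", hub_only()))
    print("full mesh:", carried("192.168.50.10", "192.168.55.10", full_mesh()))
    for a, b in missing_tunnels():
        print(f"add on both routers: {a} {SITES[a]} <-> {b} {SITES[b]}")
        print(f"  LAN rule at {a}: * lan net * {SITES[b]} * *")
        print(f"  LAN rule at {b}: * lan net * {SITES[a]} * *")
```

The LAN rule lines follow the format of rule (a) above and are only needed where the existing LAN rule is narrower than rule (b).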