Ipsec to network with multiple gateways



  • Hi,
    my network looks something like this:

    10.0.0.10 - 10.0.0.100  ----> 10.0.0.1 (pfsense with ipsec) ----> internet

    10.0.0.101 - 10.0.0.120  ----> 10.0.0.2 (pfsense without ipsec) ------> internet

    10.0.0.121 - 10.0.0.199 -----> 10.0.0.3 (pfsense without ipsec) ------> internet

    Now my remote side connects to 10.0.0.1 via IPsec with phase 1 and phase 2 identical on both sides.
    The remote side can access / connect / ping any of the machines in the range 10.0.0.10 - 10.0.0.100 and vice versa, but not the other machines.

    jimp: you suggested adding additional phase 2 entries. I tried, but I'm not sure I'm doing it correctly... do I add the other phase 2 entries to point to a single address?

    any other help will also be appreciated.

    Thanks



  • Hi, I think I found my answer by playing around a bit.

    My remote network is 10.1.105.0/24. I then added a route on 10.0.0.2 --> route add -net 10.1.105.0 10.0.0.1 255.255.255.0
    Then I could access the machines running through gateway 10.0.0.2.

    i hope this might help someone else.

    Thanks,
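The reason the static route fixes it is asymmetric return routing: the tunnel on 10.0.0.1 can deliver a packet to a host such as 10.0.0.110, but that host's reply goes to its own default gateway 10.0.0.2, which has no route for 10.1.105.0/24 and pushes the private destination out to the WAN, where it is dropped. The model below is an added illustration, not pfSense code or anything posted in the thread. It assumes the host ranges and gateways from the first post, and that the phase 2 on 10.0.0.1 covers the whole 10.0.0.0/24 (the second post's success implies this). It traces the reply path from a LAN host with and without the extra routes, using a longest-prefix-match lookup per gateway.

```python
"""Trace return paths for IPsec traffic in a LAN with several default gateways.

Constructed model of the thread's network (not pfSense's routing code):
each gateway has a small routing table; next hop "ipsec" means the tunnel
to the remote site, "internet" means the WAN default route.
"""
import ipaddress

REMOTE_NET = ipaddress.ip_network("10.1.105.0/24")   # remote side of the tunnel
TUNNEL_GW = "10.0.0.1"                               # pfSense with IPsec
OTHER_GWS = ["10.0.0.2", "10.0.0.3"]                 # pfSense boxes without IPsec

# Default gateway per LAN host range, as described in the first post.
HOST_RANGES = [
    ("10.0.0.10", "10.0.0.100", TUNNEL_GW),
    ("10.0.0.101", "10.0.0.120", "10.0.0.2"),
    ("10.0.0.121", "10.0.0.199", "10.0.0.3"),
]


def default_gateway(host):
    """Gateway a LAN host sends non-local traffic to (from HOST_RANGES)."""
    host = ipaddress.ip_address(host)
    for lo, hi, gw in HOST_RANGES:
        if ipaddress.ip_address(lo) <= host <= ipaddress.ip_address(hi):
            return gw
    raise ValueError(f"{host} is outside the documented host ranges")


def build_gateways(extra_routes=()):
    """Return {gateway_ip: [(prefix, next_hop), ...]}.

    extra_routes: iterable of (gateway_ip, prefix_str, next_hop) static routes
    to add on top of the baseline (default route to the WAN everywhere, plus the
    phase 2 route for REMOTE_NET on the tunnel gateway only).
    """
    default = ipaddress.ip_network("0.0.0.0/0")
    tables = {gw: [(default, "internet")] for gw in [TUNNEL_GW] + OTHER_GWS}
    # Assumed phase 2: 10.0.0.0/24 <-> 10.1.105.0/24, so REMOTE_NET goes into the tunnel.
    tables[TUNNEL_GW].append((REMOTE_NET, "ipsec"))
    for gw, prefix, next_hop in extra_routes:
        tables[gw].append((ipaddress.ip_network(prefix), next_hop))
    return tables


def lookup(table, dst):
    """Longest-prefix match over a gateway's routing table."""
    best = None
    for prefix, next_hop in table:
        if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, next_hop)
    return best[1]


def reply_path(lan_host, gateways, max_hops=6):
    """Hops taken by a reply from lan_host to a host in REMOTE_NET.

    Returns (path, reached_tunnel). Stops at the tunnel (success) or at the WAN
    default route (the reply leaves for the internet and is lost).
    """
    dst = REMOTE_NET.network_address + 5     # any constructed host on the remote side
    path = [str(lan_host)]
    hop = default_gateway(lan_host)
    for _ in range(max_hops):
        path.append(hop)
        next_hop = lookup(gateways[hop], dst)
        if next_hop == "ipsec":
            path.append("ipsec tunnel -> remote")
            return path, True
        if next_hop == "internet":
            path.append("WAN default route (private destination, dropped)")
            return path, False
        hop = next_hop                      # static route toward another LAN gateway
    return path, False                      # routing loop guard


def needed_routes():
    """The fix from the second post, generalized to every non-tunnel gateway."""
    return [(gw, str(REMOTE_NET), TUNNEL_GW) for gw in OTHER_GWS]


if __name__ == "__main__":
    for label, tables in (("before", build_gateways()),
                          ("after", build_gateways(needed_routes()))):
        for host in ("10.0.0.50", "10.0.0.110", "10.0.0.150"):
            path, ok = reply_path(host, tables)
            print(f"{label:6} {host:12} {'OK ' if ok else 'LOST'} {' -> '.join(path)}")
```

Hosts behind 10.0.0.1 work in both cases; hosts behind 10.0.0.2 and 10.0.0.3 only reach the tunnel once their gateway carries a route for 10.1.105.0/24 via 10.0.0.1. The same model shows why adding phase 2 entries alone would not help: the forward direction already works, it is the return path on the other gateways that is missing.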

