iOS + IPsec works - but no access to other tunnel



  • Hello together,

    finally I got iPhone/iPad working with IPsec, but I can only access the LAN of the pfSense I'm connected to. No chance to get access to one or more of the other tunnels.

    LAN: 10.170.0.0 / 16
    iOS devices: 10.190.0.0 / 24
    One of the other tunnel: 10.180.0.0 / 16

    Sometimes pfSense gives me an error in the IPsec logs:

    INFO: no policy found, try to generate the policy : 10.190.0.1/32[0] 10.180.0.0/16[0] proto=any dir=in
    

    I tried to install the wanted policy in WAN, LAN and IPsec - but nothing works for me.

    Thanks for ANY help!

    Best regards,

    Thorsten

    FORGOT TO SAY: For sure I added additional Phase 2 for the other tunnel I want to have access to.



  • OK - now it's a bit more clear for me…

    If I use a virtual IP for mobile VPN devices which IS NOT used for any other tunnel and LAN - THEN I can connect only to the LAN (but not to the other tunnel).
    If I use a virtual IP for mobile VPN devices which IS used already for LAN - THEN I can connect only to the other tunnel (but not to the LAN).

    The problem is: I want to be able to connect to both (LAN and also the other tunnel). What does the trick ?!?!?! It definitely cannot be that this should be not possible...


  • Rebel Alliance Developer Netgate

    On your other tunnel, do you have a second Phase 2 entry for VPN Subnet<->Remote LAN ?



    No, on the other tunnel I did not have. Now it works like a charm on all other tunnels!

    Thank you very much for your help!
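
Why the second Phase 2 entry resolved it, as an added example that is not part of the original thread: a simplified model of Phase 2 selector matching using the subnets from the first post. The tunnel names, function names and host addresses are hypothetical, and the mobile Phase 2 entries are modelled as (local network, mobile subnet) pairs.

```python
from ipaddress import ip_address, ip_network

# Subnets taken from the thread.
LAN, MOBILE, REMOTE = "10.170.0.0/16", "10.190.0.0/24", "10.180.0.0/16"


def matches(p2, src, dst):
    """True if a Phase 2 (local_net, remote_net) pair covers src<->dst."""
    local, remote = map(ip_network, p2)
    s, d = ip_address(src), ip_address(dst)
    return (s in local and d in remote) or (s in remote and d in local)


def missing_policies(tunnels, client, dst):
    """Names of tunnels the packet must cross that have no matching Phase 2."""
    needed = ["mobile"]
    # Traffic leaving the local LAN also has to cross the site-to-site tunnel.
    if ip_address(dst) not in ip_network(LAN):
        needed.append("site_to_site")
    return [t for t in needed
            if not any(matches(p, client, dst) for p in tunnels[t])]


def build(second_p2_on_site_tunnel):
    """Constructed Phase 2 tables, before and after the fix from the thread."""
    tunnels = {
        # Mobile tunnel: LAN plus the additional Phase 2 for the remote LAN.
        "mobile": [(LAN, MOBILE), (REMOTE, MOBILE)],
        # Site-to-site tunnel: originally only LAN <-> remote LAN.
        "site_to_site": [(LAN, REMOTE)],
    }
    if second_p2_on_site_tunnel:
        # The second Phase 2 entry: VPN subnet <-> remote LAN.
        tunnels["site_to_site"].append((MOBILE, REMOTE))
    return tunnels


if __name__ == "__main__":
    client = "10.190.0.1"  # source address from the log line in the thread
    for fixed in (False, True):
        t = build(fixed)
        for dst in ("10.170.0.10", "10.180.0.10"):  # constructed host addresses
            gaps = missing_policies(t, client, dst)
            print(f"second P2={fixed} {client} -> {dst}: "
                  f"{'ok' if not gaps else 'no policy on ' + ', '.join(gaps)}")
```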

