IPSEC and two LANS that pfsense is NOT the default gateway?



  • Hi Guys,

    I have the following scenario:

    I have a pfsense box that I want to VPN into some draytek routers at remote sites.

    The VPN is set up and working fine, except I cannot connect to the local subnet from the remote network.

    LAN -- PFSENSE -- IPSEC -- DRAYTEK -- REMOTELAN

    The PFSENSE is NOT the default gateway for the LAN, it is merely a client on the network.

    How can I set it up so that REMOTELAN can ping/connect to clients on LAN?

    I have tried with gateway/static routes, and it works for the LAN defined lan, but does not work for my second LAN, even though the config is the same.



  • Must have a static route on the device that is the default gateway of that network.



  • Cheers for the reply.

    Tried that, and I thought I had an MTU problem, as I could ping but could not connect on RDP. Turns out I had a routing issue.

    Simple resolution: Replace current gateway with pfsense.

    Now I have an issue where I need to route some traffic via IPSEC, that's to a second LAN, when the endpoint is the first LAN.
    I know that having another IPSEC should work, but these draytek 2600's keep locking up when two IPSEC connections are up to the same end.

