IPsec and DMZ
-
Hello!
We have one headquarter and one branch office connected via IPsec-VPN. On both sites is pfSense. Tunnel is working fine.
My problem is to reach the DMZ in headquarter from branch office.Do you have any ideas, why it doesn´t work.
Sorry for my bad english.
Greetz speedy
-
Hello Speedy,
this can be a few things …
Can you give us more information about your config?Can you ping a server in your dmz?
Did you check your firewall rules and the logs?
Is your routing working fine?Greetings, Sanches
-
Hello,
the problem is, that the branch office doesn´t have a route to DMZ in headquarter.
Here my configuration:
headquarter:
em0 –> WAN 217.x.x.10/29 gw--> 217.x.x.9/29
em1 --> LAN 192.168.4.1/24
em2 --> DMZ 192.168.5.1/24 gw--> 217.x.x.9/29branch office:
em0 --> WAN 62.x.x.10/29 gw--> 62.x.x.9
em1 --> LAN 192.168.10.1/24The tunnel is configured like this:
Phase1: Interface = WAN headquarter ; Remote Gateway = WAN-address branch office (and vice versa)
Phase2: Local Network = LAN subnet headquarter ; Remote Network = LAN address branch office (and vice versa)I don´t know, how to configure the tunnel between DMZ headquarter und LAN subnet branch office.
Thank you for your help and sorry for my bad english.
Greetings
-
Hello,
i thought, there is just 1 post, but http://forum.pfsense.org/index.php/topic,50914.0.html
It's the same, just in the german support.We should close this one and keep going in the german one …
My german is also better ;D
Greetings / Gruß
Sanches