Mobile IPSec to multiple interfaces



  • I am sorry if this topic has been posted already, but my search didn't return any results that looked like a match.

    I currently have multiple interfaces assigned internally- LAN1, LAN2, LAN3. My mobile clients can connect to LAN1, but I can't get them to work properly to connect to LAN1, and LAN2. I did manage to make it function by setting the local and remote subnets to 0.0.0.0/0.0.0.0 but that is not ideal I don't believe as I want to be able to manage what interfaces users can access- LAN3 is not an interface I want remote users to access, or based on how I configure their system when I send it, certain users can hit LAN1, certain users LAN2, certain users both. When I added a second P2 entry to the mobile tunnel, nothing worked at all!

    Currently running 2.01 release and shrewsoft. Any help or pointers would be greatly appreciated!


  • Rebel Alliance Developer Netgate

    Add multiple phase 2 entries, one for each local subnet.

    That is assuming you checked "Provide a list of networks" on the Mobile Clients setup, and you have Shrew set to Obtain the topology automatically.


Log in to reply