IPsec to two diffrent LAN networks

  • Hi…
    How to set up IPsec connection to two diffrent LAN network behind pfsense.
    I have working IPsec between one network behind Mikrotik router
    to behind pfsense firewall.
    Now I want to set up additional network behind pfsense for example but I wonder how to modify Ipsec tunnel to work with both networks.
    Is it enough to set up addditional policy on both ends??
    I can not expand existing policy, couse network on MT side will become inside expanded, hmmm..
    Any clue?


  • You just need an additional phase 2 to match the additional subnet. I'm not 100% sure offhand if Mikrotik supports that, it should, most every device that supports IPsec supports multiple P2s.

  • It works, thank you  ;)
    It looks like Mikrotik supports that pretty well :)


