Questions about VPN IPsec



    • We have a pfSense which is connected to different networks.  I set up VPN IPsec for mobile clients; we can specify only one range for remote users.
      Is it possible to restrict access to only specified networks or IPs?

    • We have a VPN IPsec between another site linked with a tunnel.  How can I configure it to allow remote users (VPN mobile client) to connect to this other site (pass through 2 VPNs)?

    • How can I route traffic to the Internet from mobile VPN clients?

    Thanks



  • What IPsec client are you using?

    Do you mean restrict access from remote IPs connecting to your mobile VPN or restrict access within the mobile VPN to other networks?

    Just set up another phase 2 entry on the site-to-site VPN on the IPsec endpoint that your mobile users connect to, using your mobile VPN subnet as the local subnet.

    Depending on your IPsec client there should be an option to automatically route all traffic through the VPN. You will need to add an outbound NAT rule for your IPsec subnet.

