Ipsec to host group



  • Hi all,

    is it possible to create a ipsec vpn to a group of host instead of to single host (in Local subnet field)?

    Regards

    JMB



  • You mean a single tunnel to multiple endpoints?
    No.
    But you can have a pfSense on both ends of the tunnel and have the pfSense on the other end of the tunnel as gateway for your remote subnet.



  • OK

    at the other end it is a cisco ASA,

    they only want to see 3 host on our LAN.

    they try to implement this:

    Extended IP access list ACL-XXX

    10 permit ip 150.2.0.0 0.0.255.255 host 172.16.3.14

    20 permit ip 150.2.0.0 0.0.255.255 host 172.16.3.16

    30 permit ip 150.2.0.0 0.0.255.255 host 172.16.3.15

    any idea ?


Log in to reply