Settings for node-to-node IPSEC tunnel needed



  • I need suggestions for setting up a node-to-node IPSEC tunnel on pfSense 2.1. I have built LAN-to-LAN VPNs but not VPNs that link two specific nodes. The remote firewall is a Cisco ASA5510 owned by another organization.

    My information about the remote network is limited to the IPSEC parameters, the public IP address of the ASA5510 and the remote VPN network address. I cannot determine how to set up IPSEC Phase 2 when the tunnel endpoint address is also the remote network address, or how to NAT my local VPN address to the workstation that's using the tunnel.

    I have attached a JPG file showing the proposed topology. Any suggestions are welcomed!

    Cheers,
    Ed
    ![VPN Topo.jpg](/public/imported_attachments/1/VPN Topo.jpg)



  • You just set the phase 2 to match the node IPs on either end. In 2.1 you can specify an address to NAT your internal node to, below where you enter the real IP.

