Identical subnets on client side



  • Hello!

    I've been using pfSense at home for years and am now evaluating it for office use. We need to have IPSec tunnels to various customers. From time to time, a new customer has a subnet which is identical to that of another customer. 192.168.1.0/24 for example. ;D Until today, we have changed the subnet, but this requires a lot of work, depending on the size of the customer's network. I've heard that with some firewalls it's possible to have tunnels to identical subnets. Policy based routing decides to which tunnel a packet is sent. If it's from server A, it's going to tunnel A to customer A. If it's from server B, it's going to tunnel B to customer B.

    Is this possible with pfSense?

    I have searched the forum, but the last thread with this question is from 2006 and that was some versions ago. ;)

    Thank you!



  • You can have identical remote subnets if the source subnet is different. If the source is the same, you can NAT on the phase2.



  • Thank you dotdash! It didn't cross my mind that I could set the source subnet (our side) to the customer's server (/32) instead of the subnet. And I will have a look at NAT too.
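
Added example, not part of the thread and not pfSense code: a small Python check over a list of phase 2 selector pairs that reports which tunnels are told apart by their source (local) selector and which pairs still overlap on both sides, the case where the reply above suggests NAT on the phase 2. Tunnel names and addresses are constructed sample values.

```python
import ipaddress
from itertools import combinations

# Constructed phase 2 entries: (tunnel name, local selector, remote selector).
PHASE2 = [
    ("customer-a", "10.0.0.11/32", "192.168.1.0/24"),  # server A only
    ("customer-b", "10.0.0.12/32", "192.168.1.0/24"),  # server B only
    ("customer-c", "10.0.0.0/24", "192.168.1.0/24"),   # whole local subnet
    ("customer-d", "10.0.0.0/24", "172.16.5.0/24"),    # different remote
]


def parse(entries):
    """Turn the string selectors into ipaddress network objects."""
    return [
        (name, ipaddress.ip_network(local), ipaddress.ip_network(remote))
        for name, local, remote in entries
    ]


def ambiguous_pairs(entries):
    """Pairs of tunnels whose local AND remote selectors both overlap.

    Identical remote subnets alone are fine as long as the local
    selectors are disjoint; a pair is only ambiguous when some packet
    (src, dst) would match both tunnels.
    """
    pairs = []
    for (n1, l1, r1), (n2, l2, r2) in combinations(parse(entries), 2):
        if l1.overlaps(l2) and r1.overlaps(r2):
            pairs.append((n1, n2))
    return pairs


def matching_tunnels(entries, src, dst):
    """Names of every tunnel whose selectors match a given packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return [n for n, local, remote in parse(entries) if s in local and d in remote]


if __name__ == "__main__":
    for a, b in ambiguous_pairs(PHASE2):
        print(f"overlap on both sides: {a} / {b}")
    print(matching_tunnels(PHASE2, "10.0.0.11", "192.168.1.50"))
```
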

