Netgate Discussion Forum

    Identical subnets on client side

    IPsec
    3 Posts 2 Posters 899 Views
    • hugo

      Hello!

      I've been using pfSense at home for years and am now evaluating it for office use. We need to have IPsec tunnels to various customers. From time to time, a new customer has a subnet which is identical to that of another customer, 192.168.1.0/24 for example. ;D Until today, we have changed the subnet, but this requires a lot of work, depending on the size of the customer's network. I've heard that with some firewalls it's possible to have tunnels to identical subnets. Policy-based routing decides to which tunnel a packet is sent. If it's from server A, it's going to tunnel A to customer A. If it's from server B, it's going to tunnel B to customer B.

      Is this possible with pfSense?

      I have searched the forum, but the last thread with this question is from 2006 and that was some versions ago. ;)

      Thank you!

      • dotdash

        You can have identical remote subnets if the source subnet is different. If the source is the same, you can NAT on the phase 2.

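Added example, not part of the original posts: a Python check of the rule in the reply above, that identical remote subnets stay unambiguous as long as the local (source) selectors do not overlap. Tunnel names and addresses are constructed, and the code models phase 2 selector matching only; it does not read or write pfSense configuration.

```python
from ipaddress import ip_address, ip_network
from itertools import combinations

# Constructed phase 2 entries: (tunnel name, local selector, remote selector).
# customer-a and customer-b use a /32 local selector per server;
# customer-c uses the whole office subnet and therefore collides with both.
PHASE2 = [
    ("customer-a", "10.0.10.11/32", "192.168.1.0/24"),
    ("customer-b", "10.0.10.12/32", "192.168.1.0/24"),
    ("customer-c", "10.0.10.0/24", "192.168.1.0/24"),
]


def parse(entries):
    """Convert the string selectors into ip_network objects."""
    return [(name, ip_network(loc), ip_network(rem)) for name, loc, rem in entries]


def conflicts(entries):
    """Return pairs of tunnels whose selectors can both match one packet.

    Two entries are ambiguous only when the local selectors overlap AND
    the remote selectors overlap; an identical remote subnet alone is fine.
    """
    found = []
    for (n1, l1, r1), (n2, l2, r2) in combinations(parse(entries), 2):
        if l1.overlaps(l2) and r1.overlaps(r2):
            found.append((n1, n2))
    return found


def matching_tunnels(entries, src, dst):
    """Return every tunnel whose selectors match a packet from src to dst."""
    src, dst = ip_address(src), ip_address(dst)
    return [name for name, loc, rem in parse(entries) if src in loc and dst in rem]


if __name__ == "__main__":
    print("all three entries:", conflicts(PHASE2))
    print("only the /32 entries:", conflicts(PHASE2[:2]))
    print("server A -> 192.168.1.5:", matching_tunnels(PHASE2[:2], "10.0.10.11", "192.168.1.5"))
```

Where the check reports a conflict that cannot be removed by narrowing the local selector, the reply's second option (NAT on the phase 2) is the remaining route.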
        • hugo

          Thank you dotdash! It didn't cross my mind that I could set the source subnet (our side) to the customer's server (/32) instead of the subnet. And I will have a look at NAT too.
