Lan to hosts VPN



  • Hi all, I have a question about a site-to-site IPsec VPN between our pfSense 2.1 and a customer's Cisco 3845.

    Our lan net is 192.168.1.0/24
    Our public wan address is 83.102.90.12
    Customer wan address 83.103.92.89
    Customer destination lan hosts:
      - 10.200.201.12
      - 10.220.182.12
      - 10.220.182.13
      - 10.230.67.100
    Our customer asked us to NAT our addresses with subnet 10.250.120.64/26, so I reserved a subnet on our LAN for the NAT (192.168.1.128/26).

    So the main objective is to create a VPN connection to let a subnet (192.168.1.128/26) connect to a few hosts (10.200.201.12, 10.220.182.12, 10.220.182.13, 10.230.67.100).
    First of all, can someone confirm whether this is possible?

    I suppose I need to create a single phase one configuration, but can I create multiple phase two configurations (one for each destination host)?
    For each phase two configuration (= destination host) I need to repeat the local subnet 192.168.1.128/26 (with NAT on 10.250.120.64/26), is that right?

    Thanks for any info, and sorry for the stupid questions, but I have no experience with IPsec :)