Bonjour



  • Guys, I have pfSense running on a VM in Fusion. On my edge is an Apple Airport Extreme. My internal block is 10.1.1.0/24.

    Is it possible to terminate mobile iOS IPsec VPNs on it (500 and 4500 forwarded) and have the mobile device have an IP on 10.1.1.0/24 and communicate freely (including multicasts)?


  • Rebel Alliance Developer Netgate

    No. IPsec clients must operate in their own separate subnet and cannot be bridged to the existing LAN subnet. Multicast won't work either.

    An OpenVPN tap bridge would get you what you want, but I don't believe the OpenVPN client for iOS supports tap yet (though I could be wrong on that).



  • It doesn't.