IPSEC to IPSEC LAN to LAN & OPT to LAN



  • hello all,

    Found a post here about 1 WAN, 1 LAN (172.18.6.x/23), 1 OPT (172.18.66.x/24) on a separate firewall 1 and 1 WAN, 1 LAN (172.18.2.x/23) on firewall 2!
    Got an IPSEC tunnel between firewall1 and firewall2 which in phase 2 permits traffic from LAN1 to LAN2!

    Now I want to set up traffic between OPT (172.18.66.x/24) on firewall1 to LAN (172.18.2.x/23) on firewall2!
    I read somewhere that you had to set up a new phase 1 for these sites, but I couldn't! On firewall1 when I want to create it, it gives me the error:

    The following input errors were detected:
    The remote gateway "x.x.x.x" is already used by phase1 "Firewall1 IPSEC".

    on the other firewall I do have the possibility to create a new phase1!
    Or should I just add new phase2 and do some routing somewhere?
    Both firewalls are on this release:

    2.2.1-RELEASE (i386)
    built on Fri Mar 13 08:16:53 CDT 2015
    FreeBSD 10.1-RELEASE-p6

    Any help would be great!



  • Just add another phase2, no routing needed.



  • Tried that but doesn't seem to work?
    Only thing I changed within the phase two was

    Firewall1

    • Local subnet LAN -> 172.18.2.0/23
    • OPT/DMZ -> 172.18.2.0/23

    Firewall2

    • Local subnet LAN -> 172.18.6.0/23
    • Local subnet LAN -> 172.18.66.0/24

    Strange, but after a reboot (due to other changes) the tunnel came active!
    So thx again! Think I made typos somewhere!
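    As an added example (not from the thread or from pfSense), a small Python check for the kind of typo the poster ran into: every phase 2 entry on one firewall needs an exact mirror (local and remote subnets swapped) on the other, and a flow that matches no phase 2 selector never enters the tunnel. The subnets are the ones given in the thread; the entries are modelled as (local, remote) pairs and the helper names are my own.

    ```python
    import ipaddress
    from typing import List, Optional, Tuple

    Selector = Tuple[str, str]  # (local subnet, remote subnet) as written on that firewall

    # Constructed from the thread: the two phase 2 entries on each firewall.
    FW1_PHASE2: List[Selector] = [
        ("172.18.6.0/23", "172.18.2.0/23"),   # LAN1 -> LAN2 (the existing entry)
        ("172.18.66.0/24", "172.18.2.0/23"),  # OPT1 -> LAN2 (the newly added entry)
    ]
    FW2_PHASE2: List[Selector] = [
        ("172.18.2.0/23", "172.18.6.0/23"),   # LAN2 -> LAN1
        ("172.18.2.0/23", "172.18.66.0/24"),  # LAN2 -> OPT1
    ]


    def _net(cidr: str) -> ipaddress.IPv4Network:
        # strict=False so "172.18.6.1/23" is accepted and normalised to 172.18.6.0/23
        return ipaddress.ip_network(cidr, strict=False)


    def _normalise(entries: List[Selector]) -> set:
        return {(_net(local), _net(remote)) for local, remote in entries}


    def mirror_mismatches(side_a: List[Selector], side_b: List[Selector]) -> Tuple[List[str], List[str]]:
        """Each phase 2 on one side must have an exact mirror (remote, local) on the other side.
        Returns (entries on A with no mirror on B, entries on B with no mirror on A) as strings."""
        a, b = _normalise(side_a), _normalise(side_b)
        a_mirrored = {(remote, local) for local, remote in a}
        b_mirrored = {(remote, local) for local, remote in b}
        only_a = sorted(f"{local} <-> {remote}" for local, remote in a - b_mirrored)
        only_b = sorted(f"{local} <-> {remote}" for local, remote in b - a_mirrored)
        return only_a, only_b


    def matching_selector(src: str, dst: str, entries: List[Selector]) -> Optional[Selector]:
        """Return the first phase 2 entry whose selectors cover a src -> dst flow, or None
        if no entry matches (the packet then leaves via the normal route, not the tunnel)."""
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for entry in entries:
            local, remote = entry
            if s in _net(local) and d in _net(remote):
                return entry
        return None


    if __name__ == "__main__":
        print("mismatches:", mirror_mismatches(FW1_PHASE2, FW2_PHASE2))
        print("OPT1 host -> LAN2 host uses:", matching_selector("172.18.66.5", "172.18.2.10", FW1_PHASE2))
    ```

    Run it with only the first entry of FW1_PHASE2 and the OPT1 -> LAN2 flow returns None, which is the symptom from the thread before the second phase 2 was added.
    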

