IPSEC VPN problem
-
I have a problem with pfSense configuration.
Background
We have an office and two Data Centres. The two Data Centres (DC5 and DC3) are connected via a private VLAN. Both Data Centres can see Network Card 2 of the pfSense box.
The Data Centre pfSense has 3 network cards: 1 for the public IP, 1 for the local LAN, and 1 for the VLAN (the Data Centres can see the VLAN interface).
Now, I want to be able to see the Data Centre VLAN from my local office.
192.168.1.X is the local office
192.168.50.254 is NIC 2 of the Data Centre pfSense (local office can see this network)
192.168.14.254 is NIC 3 of the Data Centre pfSense (local office cannot see this network)
Is there any reason why I would not be able to see the VLAN network?
In the logs I see ipsec_starter[37214]: configuration 'con1000' unrouted
-
I noticed the IPsec SPD only contains the first LAN IP address and not the second network interface.
How would I get IPsec to list both LAN interface IPs?
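The SPD observation above can be checked mechanically. The following is an added example, not part of the original post: it parses policy text in the style of FreeBSD setkey -DP output and reports whether a given flow is selected for the tunnel. The sample text is constructed; the /24 masks, the host 192.168.1.10, the documentation-range tunnel endpoints and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample in the style of `setkey -DP` output, office-side view.
# Masks (/24) and tunnel endpoints (documentation ranges) are assumptions.
SAMPLE_SPD = """\
192.168.50.0/24[any] 192.168.1.0/24[any] any
\tin ipsec
\tesp/tunnel/203.0.113.10-198.51.100.20/unique:1
\tspid=2 seq=1 pid=4242 scope=global
192.168.1.0/24[any] 192.168.50.0/24[any] any
\tout ipsec
\tesp/tunnel/198.51.100.20-203.0.113.10/unique:1
\tspid=1 seq=0 pid=4242 scope=global
"""

# Selector line: "<src>[port] <dst>[port] <proto>", starting in column 0.
SELECTOR = re.compile(r"^(\S+?)\[\S+\]\s+(\S+?)\[\S+\]\s+\S+$")
# Indented line that follows it: "<direction> <action>".
DIRECTION = re.compile(r"^\s+(in|out|fwd)\s+(ipsec|none|discard)\b")


def parse_spd(text):
    """Return one dict per policy: src/dst networks, direction, action."""
    policies, current = [], None
    for line in text.splitlines():
        m = SELECTOR.match(line)
        if m:
            current = {
                "src": ipaddress.ip_network(m.group(1), strict=False),
                "dst": ipaddress.ip_network(m.group(2), strict=False),
                "dir": None,
                "action": None,
            }
            policies.append(current)
            continue
        m = DIRECTION.match(line)
        if m and current is not None and current["dir"] is None:
            current["dir"], current["action"] = m.groups()
    return policies


def tunnelled(policies, src, dst, direction="out"):
    """True if some policy in this direction sends src -> dst through IPsec."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        p["dir"] == direction and p["action"] == "ipsec"
        and s in p["src"] and d in p["dst"]
        for p in policies
    )
```

With the constructed sample, a flow from the office to 192.168.50.254 matches an outbound policy, while a flow to 192.168.14.254 matches none, so that traffic is never handed to the tunnel.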
-
-
Already tried that.
The only way I could get this to work was to remove EM1 (LAN 1) and move the Data Centre VLAN EM2 to the LAN of the pfSense.
It appears pfSense is not able to route IPsec to additional interfaces (OP1).
Before that, EM0 = WAN, EM1 = LAN, EM2 = VLAN.
Now I have EM0 = WAN, EM2 = LAN. I can now see all the hardware at the data centre from the office using private IPs.
-
"It appears pfSense is not able to route IPsec to additional interfaces (OP1)."
Of course you can, tens of thousands of people's networks including our own wouldn't work if that were true. There is some other difference between what you had and what you have now.