1. Home
  2. pfSense® Software
  3. IPsec
  4. Forcing all traffic over IPSec VPN and the ability to do further routing

Forcing all traffic over IPSec VPN and the ability to do further routing

  • S

    Hello All,

    Ii it possible to force all traffic over a sit-to-site IPSec tunnel and then route the traffic to another gateway through the tunnel end point device internal interface?

    all traffic-> branch device –>IPSec tunnel --> data center device --> internal interface -> other data center device

    Thanks,
    -S

    0
  • jimp
    Rebel Alliance Developer Netgate

    You can't "route" it in the traditional way but depending on what you're trying to do, it may still be possible. It's all up to the Phase 2 networks in IPsec.

    You can force all traffic over the tunnel from the LAN (local P2 net = LAN network, remote P2 net = 0.0.0.0/0) but that means everything from the LAN will be forced over IPsec.

    Once it hits the other side you'll have to pass it in the rules, NAT it outbound, etc.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy