Netgate Discussion Forum

    Route all LAN traffic to gateway across IPSec

      xibalba

      Hey everyone,
      I have an IPSec tunnel between my house and my collocation facility. My home network is 192.168.1/24 and the colo 192.168.0/24. I wanted to know if there was a way to have all of my home's traffic route through 192.168.0.1 (colo gateway) over IPSec.
      Currently my IPSec is set up with the following:

      remote 66.x.y.c {
          exchange_mode aggressive;
          my_identifier fqdn "example.com";

          peers_identifier address 66.x.y.c;
          initial_contact on;
          support_proxy on;
          proposal_check obey;

          proposal {
              encryption_algorithm blowfish;
              hash_algorithm sha1;
              authentication_method pre_shared_key;
              dh_group 2;
              lifetime time 28800 secs;
          }
          lifetime time 28800 secs;
      }

      sainfo address 192.168.1.0/24 any address 192.168.0.0/24 any {
          encryption_algorithm blowfish;
          authentication_algorithm hmac_sha1;
          compression_algorithm deflate;
          pfs_group 2;
          lifetime time 3600 secs;
      }

        cconk01

        bump…
        I too am interested in a solution as such. I am under the impression you need to make an ipsec rule that allows traffic from 0.0.0.0 to any or something along those lines?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.