IPSec Mobile Client Full Tunnel issue
-
Hello,
I have two pfSense boxes that have IPSec site-to-site setup and it works fine. Also on both I set IPSec mobile clients that work great.
However, sometimes I want to be able to have full tunnel for the mobile clients and route all my traffic to the other site. The pfSense documentation says:
Phase2: "Local Network: (the local network, e.g. LAN, or 0.0.0.0/0 to send everything over VPN)" and I did that but still no luck. What am I doing wrong?
-
You need to add additional p2 for mobile IPSec policy with remote subnet
-
You need to add additional p2 for mobile IPSec policy with remote subnet
For remote subnet you mean the subnet where I am or where I'm connecting to ?
-
Subnets need to be referenced at both ends so that traffic knows how to return
-
Your mobile vpn needs another p2 so that the mobile IPSec knows about the remote network. It does not get that from the point to point.