2009/6/30 Curtis Maurand <[email protected]>: > > Interesting. I had wished I could make that scenario work w/ipsec. Alas, no > joy. I had to set up a vyatta to do it and it worked flawlessly out of the > box. I didn't need a third NIC port to do it, either. My thinking is that > BSD doesn't handle virtual interfaces very well. *sigh* I like pfsense > better, otherwise. > > Curtis > > > jose thomas wrote: > > Thank you Scott, it solves my problem with routing. > > Thanks again for your time > -Jose > > On Sat, Jun 27, 2009 at 10:14 PM, Scott Ullrich <[email protected]> wrote: >> >> On Sat, Jun 27, 2009 at 6:22 AM, jose thomas<[email protected]> wrote: >> > Hi there, >> > >> > In our data center, we have two pfsense 1.2.2 boxes with two subnets >> > behind >> > the NAT. >> > The OPT1 interfaces are been using for the inter communication between >> > the >> > two lan >> > subnets owned by the two pfsense boxes. We have a configured openVPN for >> > the >> > two >> > WAN interfaces. >> > >> > The problem is that from outside anybody connects to one of the pfsense >> > box >> > thgough >> > openVPN, they are not able to access the other subnet which is under the >> > other >> > pfsense box which is connected through the OPT1 interfaces between. >> > >> > How can I add specific rule set (or any other config change) to instruct >> > that the other >> > subnet address destinations coming from openVPN clients has to pass >> > though >> > the OPT1 interface instead of the LAN interface of pfsense? Or >> > inotherwords, >> > how to >> > add one more network and gateway to the openVPN connection? >> > >> > I ran out of ideas how to solve this. Really appreatiate any help in >> > this >> > regard >> >> If memory serves me correctly you need to tell openvpn to push the >> routes. Google openvpn push routes. >> >> Scott >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> Commercial support available - https://portal.pfsense.org >> > > > > -- > Mobile: +971-50-9943477 > Office: +971-4-4370703 x 402 > Residence: +971-4-2232044 > > >
I have configured 2 IPSEC-VPN-Tunnels between 2 Boxes for such a scenario. Works like a charm..... michael -- = = = m i c h a e l - s c h u h . n e t = = = Projektmanagement - IT-Consulting - Professional Services IT Michael Schuh Postfach 10 21 52 66021 Saarbrücken phone: 0681/8319664 mobil: 0177/9738644 @: m i c h a e l . s c h u h @ g m a i l . c o m = = = Ust-ID: DE251072318 = = = --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
