Hello,

I have a site-to-site VPN between 2 offices: one is 10.0/16 (with static IP) and one is 10.1/16 (without static IP, and it has a 192.168.0/23 hidden behind it). I can't remember the exact setup, but it was working fine for a few months, and broke yesterday.

Because there are 2 different subnets, I created 2 different phase 2 entries that map each subnet to a remote subnet. Both phase 2 are up and green.

Problem is, now every host in 10.1/16 can reach anything in 10.0/16, but it's going out the open Internet, even though I've set up tunnel mode for phase 2. 10.0/16 can reach 10.1/16 (according to the first phase 2 entry) without a single problem, but every single packet to 192.168.0/23 (the hidden subnet) failed in one of 2 ways:

- If there are no static routes, the packet seems to be routed out to the Internet and dropped dead somewhere. Probably because it can't find the dynamic IP of the other side.
- If there is a static route for 192.168.0/23 pointing to 10.0.1.1 (pfSense), it drops dead right there in 10.0.1.1.

So what do I do now?

Angela
