Hello everyone, I have the following setup:
PFsense1 (LAN1: 192.168.40.0/24)
PFsense2 (LAN2: 192.168.41.0/24)
PFSense3 (LAN3: 192.168.44.0/24)

I've got two MPLS lines connecting PFSense2<->PFSense1<->PFSense3 (PFSense1 is the center of the star topology). I use IPSec tunnels on top of MPLS links. I'm able to get from LAN1 to LAN2 and from LAN1 to LAN3 via IPSec tunnels.

I need to make LAN2 and LAN3 visible to each other. Is it possible to do it via IPSec links?

I've tried adding an additional Phase 2 entry at PFSense1 posing as if LAN3 were local, and adding the corresponding Phase 2 entry at PFSense2 to tell LAN2 to route packets destined to LAN3 via that newly added Phase 2 sub-tunnel against PFSense1. Packets do arrive at PFSense1 but don't progress any further despite having static routes indicating how to get to LAN3.

I hope I'm clear about the problem. If it were not possible to do it via IPSec routing, is there any other solution different than NAT+static routes?

Thanks in advance!

-EC
