just a thought. pfsense should be able to support multiple subnets/selectors in an ipsec tunnel. after all these aren't linksys gateways.
i always use a different vlan/subnet for voip traffic and when i connect sites together (either telecommuter or branch office) i usually set up a ipsec tunnel that will handle all the subnets that need to talk to each other. so rather than assuming that we only want to connect to one remote subnet at a site and that that site only wants to see one of mine, i'd like to set them up in one tunnel. also, can traffic shaping work on traffic going through a tunnel? just wanted to know if traffic shaping rules were applied before or after encryption. also, any plans to implement ip compression in tunnels? -- We've Got Your Name @ www.mail.com!!! Get a FREE E-mail Account Today - Choose From 100+ Domains