I'm trying to find a solution and know there are quite a few pfSense users
here, so here goes...
We've set up some IPSec tunnels and they connect. The Phase2 also "comes
up", but we can't reach the hosts specified in the Phase2 "remote network".
One instance (to keep it simpler):
WAN gateway: x
how about not masking ip addresses?
do you really need nat in phase 2 ? why?
Eero
8.2.2018 18.17 "Roland Giesler" kirjoitti:
> I'm trying to find a solution and know there are quite a few pfSense users
> here, so here goes...
>
> We've set up some IPSec tunnels and they connect. The Phase2
On 8 February 2018 at 20:40, Eero Volotinen wrote:
> how about not masking ip addresses?
>
I'm not allowed to show the ip addresses (by my client), hence the
masking...
I thought I need NAT, but I also testing simply added the virtual ip,
a.a.a.a as the address, but it still doesn't work.
>
Well. Maybe You need to hire pfsense consultant with NDA, so you can unmask
needed information.
Usually there is no need to NAT in ipsec as you can tunnel private
network/ip address too and limit access with firewall rules.
Eero
On Thu, Feb 8, 2018 at 9:42 PM, Roland Giesler
wrote:
> On 8 Febr