You need to set the ip address when creating the ipsec tunnel AND set the failover ipsec ip to the same. This forces RACOON to listen on the ip in question.
On 5/31/06, Mark Wass <[EMAIL PROTECTED]> wrote:
Hi Scott Just so I fully understand. If I had PFSense setup using CARP at the OPT1 interface at both ends of the tunnel, I would need set the Interface setting as the virtual IP address when creating the IPSEC tunnel? Do you follow what I mean? Have I understood the process? Thanks Mark Scott Ullrich wrote: Yes, set the Failover IPSEC ip address. It really only sets the listen address but in effect sets the failover ipsec address (to say a carp ip for instance) but works perfectly fine with regular ips as well. I have been thinking about changing the name of this feature. Suggestions welcome. On 5/30/06, Mark Wass <[EMAIL PROTECTED]> wrote: Hi All Can you have an IPSEC tunnel going out the OPT1 interface of one PFSense box to another PFSense' OPT1 interface, or can IPSEC tunnels only go over the WAN interface? Thanks Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
