Heiko This is an amazing news. Let me try some guidance from you. One Machine A(PFSENSE), I have to create a rule.... and in that I use the "public IP" of the remote gateway. And for my identifier I will use [EMAIL PROTECTED]
Then on Machine B(PFSENSE), I have to create a corresponding rule and in that I again have to use the "public IP" of the remote gateway. And for my identifier I can use [EMAIL PROTECTED] This appears to be the case when two pfsense talk to each other. However, if I put either a netscreen or linksys on the other side my problem will be solved. I looks like at least one of the node has to support a DYNDNS for remote gateway. Did I understand it correctly? Anil Garg Heiko Garbe <[EMAIL PROTECTED]> wrote: with 1.2 you needn´t static ips on both sides, one side dynamic pfsense and one side static pfsense and it works greetings heiko Jeppe Ãland schrieb: > Try this one: > http://pfsense.untouchable.net/tutorials/openvpn/pfsense-ovpn.pdf > > Regards, > -Jeppe > > On Thu, Feb 28, 2008 at 8:04 AM, Anil Garg wrote: > >> Thanks for your response Martin - >> Rev 1.3 might be some time away... I'd like to do an Open VPN site-2-site. >> Do you have a link or two to point to me as I am a Newb on computers.... >> Best >> Anil Garg >> >> >> >> "Fuchs, Martin" wrote: >> >> >> So then go on and use OpenVPN site-to-site⦠it works woth 2 dynamic IPs⦠>> >> Dynamic IPs for IPSec will be in 1.3⦠>> >> Regards, >> >> Martin >> >> >> Von: Anil Garg [mailto:[EMAIL PROTECTED] >> Gesendet: Donnerstag, 28. Februar 2008 04:51 >> An: [email protected] >> Betreff: [pfSense Support] IPSEC >> >> Hey guys - I am a happy camper with pfsense and recently upgraded to 1.2 and >> have no issues to report so far. >> >> I am trying to hook up two pfsense boxes with IPSEC site to site.... >> >> It looks like that it needs a public ip address to create a tunnel. I >> could try and get public IP address at one place but it looks like it still >> will not work because I need public IP address on both sides..... >> >> >> Have looked at all documents and spent many hours without avail... >> >> Will some of you learned people suggest a way out.. I can only get a Public >> IP address at one location and I am happy to do pay for that. But the >> second location being a AT&T DSL in San Jose, CA - this is not an >> option,..... >> >> Much appreciate your help and guidance. >> >> >> Best Regards >> Anil Garg >> >> >> >> -- Mit freundlichen GrüÃen H. Garbe "Der Computer ist eine logische Weiterentwicklung des Menschen: Intelligenz ohne Moral! --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
