I have pfSense with several subnets on separate interfaces at my home
office and many of my clients have the same. I have IPSEC to these
clients so I can admin remotely. The problem I have is that I have not
found a way to route the subnets across IPSEC. Consequently, I have 2,
4, 6, 8 or even 9 IPSEC tunnels per client for the same site-to-site.
Seems absolutely ridiculous to have multiple VPN tunnels between the
same site-to-site, and management of all the tunnels alone is a
nightmare, not to mention a huge processing burden on my home pfSense
box that's juggling dozens of IPSEC tunnels (granted, not all tunnels
are active all the time, but I am frequently connected to several
clients' subnets at any given time).
Obviously traffic needs to know to route a subnet across a particular
VPN, but I've tried static routes with no luck. I can't figure out what
to put for the gateway--tried every local and remote IP possible and
nothing worked.
How can I route multiple subnets across the same IPSEC tunnel?
--Bennett
