As on the other site, you must add a P2 tunnel to your P1 IPsec tunnel.
To do this, click on: Show Phase 2 Entries.
Then, click on: Add P2.
On the "Edit Phase 2" page, indicate this:
Important: for the key exchange, you must specify exactly the same parameters as for the P2 tunnel created on the other peer (pfSense machine).
Note:
Important: to prevent this P2 tunnel from expiring at the same time on both sides, you must set a Life Time value 10% higher than the value configured on the other peer.
This gives "5400", given that the other peer uses the value "3600".
Click Save.
Click: Apply Changes.
Your P2 tunnel has been created.
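To check the two P2 entries against each other before testing the tunnel, here is an added example (not part of the original tutorial or of pfSense) that compares both peers' settings. The field names, subnets and algorithm values are constructed assumptions; only the Life Time values 3600 and 5400 come from the steps above.

```python
import ipaddress

# Fields that must be identical on both peers for the P2 key exchange.
# These names are hypothetical labels for this example, not pfSense config keys.
MUST_MATCH = ("protocol", "encryption", "hash", "pfs_group")

def check_p2_pair(a, b):
    """Return a list of problems found between two peers' P2 entries."""
    problems = []
    for field in MUST_MATCH:
        if a[field] != b[field]:
            problems.append(f"{field}: {a[field]!r} != {b[field]!r}")
    # Traffic selectors must mirror each other: one peer's local network
    # is the other peer's remote network, in both directions.
    for x, y in ((a, b), (b, a)):
        local = ipaddress.ip_network(x["local_net"])
        remote = ipaddress.ip_network(y["remote_net"])
        if local != remote:
            problems.append(f"{x['name']} local_net {local} is not "
                            f"{y['name']} remote_net {remote}")
    # The tutorial sets different Life Time values so that the P2 tunnel
    # does not expire at the same time on both sides.
    if a["lifetime"] == b["lifetime"]:
        problems.append(f"lifetime is {a['lifetime']} on both peers")
    return problems

# Constructed sample entries (subnets and algorithms are placeholders).
OTHER_PEER = {"name": "other peer", "protocol": "ESP",
              "encryption": "AES256-GCM", "hash": "SHA256", "pfs_group": 14,
              "local_net": "10.0.1.0/24", "remote_net": "10.0.2.0/24",
              "lifetime": 3600}
THIS_PEER = {"name": "this peer", "protocol": "ESP",
             "encryption": "AES256-GCM", "hash": "SHA256", "pfs_group": 14,
             "local_net": "10.0.2.0/24", "remote_net": "10.0.1.0/24",
             "lifetime": 5400}

if __name__ == "__main__":
    for line in check_p2_pair(OTHER_PEER, THIS_PEER) or ["P2 entries are consistent"]:
        print(line)
```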
For computers and servers at Site 2 (Paris) to access resources at Site 1 (Brussels), you must allow IPsec inbound traffic to Site 1.
To do this, go to: Firewall -> Rules.
Next, go to the "IPsec" tab and click Add.
Configure the settings for this firewall rule like this:
Next, configure these settings:
Click: Apply Changes.
Inbound IPsec traffic is allowed to your LAN network.
If pfSense is not the default gateway for a client, a network packet may get lost or unnecessarily pass through the default gateway instead of directly through the IPsec tunnel.
To resolve this problem, go to: System -> Routing.
On the "System / Routing / Gateways" page that appears, click on: Add.
On the "Edit Gateway" page that appears, fill in these fields:
Then, click Save.
Click: Apply Changes.
The LAN gateway has been set.
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.