08 Sep 2010
IPsec and Multiple Subnets
Solution
If you need to route multiple IP subnets across an IPsec connection on pfSense or m0n0wall, there are two possible approaches.
1. CIDR-summarize subnets -- If all the subnets fit inside one larger CIDR block, you can use a single tunnel. For example, the networks 10.0.0.0/24, 10.0.1.0/24, and 10.0.254.0/24 can all be summarized by 10.0.0.0/16. When used with IPsec, the network 10.0.0.0/16 allows access to the many /24 networks within it.
2. Parallel tunnels -- If the subnets in use cannot be CIDR-summarized, for example 10.0.0.0/24 and 172.16.0.0/24, then parallel tunnels must be created. Each tunnel must have a different shared secret or the tunnels will not work.
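The choice between the two approaches can be checked before any tunnel is configured. The following Python sketch is an added example, not part of the original article or of pfSense/m0n0wall: it computes the tightest summary for a list of IPv4 subnets and counts how many addresses that summary covers beyond the subnets listed. The function names and the `min_prefixlen` cut-off used to decide that subnets "cannot be summarized" are assumptions made for illustration.

```python
import ipaddress


def smallest_supernet(subnets):
    """Return the tightest single IPv4 CIDR block containing every subnet."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Every bit that differs between the lowest and highest address
    # has to be a host bit in the summary.
    host_bits = (lo ^ hi).bit_length()
    base = (lo >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def plan_tunnels(subnets, min_prefixlen=8):
    """Choose one summarized tunnel or parallel tunnels.

    min_prefixlen is a local policy assumption (not a pfSense setting):
    a summary wider than this is treated as "cannot be summarized".
    """
    # Collapse first so overlapping or adjacent subnets are counted once.
    nets = list(ipaddress.collapse_addresses(
        ipaddress.ip_network(s) for s in subnets))
    summary = smallest_supernet(subnets)
    in_use = sum(n.num_addresses for n in nets)
    if summary.prefixlen >= min_prefixlen:
        return {
            "mode": "single",
            "networks": [str(summary)],
            # Addresses the tunnel will carry that were not in the input.
            "extra_addresses": summary.num_addresses - in_use,
        }
    return {
        "mode": "parallel",
        "networks": [str(n) for n in nets],  # one tunnel per block
        "extra_addresses": 0,
    }


if __name__ == "__main__":
    # The two subnet sets used as examples in the article.
    for case in (["10.0.0.0/24", "10.0.1.0/24", "10.0.254.0/24"],
                 ["10.0.0.0/24", "172.16.0.0/24"]):
        print(case, "->", plan_tunnels(case))
```

A large `extra_addresses` value means the single tunnel also reaches address space that is not in use today, so firewall rules on the IPsec interface should restrict traffic to the subnets that are actually meant to be reachable.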
Article Details
Article ID: 91
Created On: 19 Jul 2007 08:27 AM