Route the same LAN network through IPSec

This forum is intended to provide straightforward answers for people trying to use Open Source firewalls such as the pfSense® and OPNsense® firewall systems.

Moderator: gregober

Posts: 4
Joined: 19 Jun 2020, 19:12

Route the same LAN network through IPSec

Post by JonPre » 23 Sep 2020, 18:07

Hello team,

I would like to know if it's possible to do the scheme in the attachment?
The idea is to enable the communication between and by using the intermediate gateway

I know it's unusual but it's a necessity.

Thanks for your help.
Posts: 128
Joined: 26 Mar 2019, 15:06

Re: Route the same LAN network through IPSec

Post by gregober » 25 Sep 2020, 12:50

Hello Jon,

Yes, I think it is possible to do that without any problem.

You probably will have to go through the details of the configuration of IPsec proposed by Microsoft.
This seems to be detailed here: ... ger-portal

It looks like they are using the following:
  • For phase one:
    • Key exchange: auto
    • Remote GW: depending on your location
    • Authentication mode: Mutual PSK
    • Negotiation mode: Main
    • My ID: My IP
    • Peer ID: Peer IP
    • Encryption P1: AES 256 - SHA256 - DH Group 2
  • For phase two:
    • List remote network
    • Also in AES 256
    • List local network

You'll need to add the right FW rules in order to secure all this…
But basically this should do it!
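An added example, not part of the posts above and not pfSense or OPNsense code: a Python check run over the phase 1 / phase 2 values listed in the reply, covering the DH group size, PSK with aggressive mode, and the thread's own case of the same LAN appearing as both local and remote network. The dictionary layout, the `audit_tunnel` name and the subnets are assumptions constructed for illustration.

```python
import ipaddress

# IKE Diffie-Hellman group number -> MODP size in bits (RFC 2409 / RFC 3526).
MODP_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048, 15: 3072, 16: 4096}
MIN_MODP_BITS = 2048  # RFC 8247 lists group 2 (1024-bit) as SHOULD NOT


def audit_tunnel(p1, p2):
    """Return a list of findings for one tunnel definition (hypothetical layout)."""
    findings = []

    bits = MODP_BITS.get(p1["dh_group"])
    if bits is None:
        findings.append(f"DH group {p1['dh_group']}: not a MODP group known to this check")
    elif bits < MIN_MODP_BITS:
        findings.append(
            f"phase 1 DH group {p1['dh_group']} is {bits}-bit MODP; "
            "prefer group 14 or higher if the peer supports it"
        )

    # Aggressive mode sends the PSK-derived hash before the exchange is
    # encrypted, so it can be captured and guessed offline; main mode avoids this.
    if p1["auth"] == "mutual-psk" and p1["mode"] == "aggressive":
        findings.append("PSK with aggressive mode exposes the key hash; use main mode")

    # The thread's case: the same LAN on both ends makes the selectors overlap.
    for local in p2["local"]:
        for remote in p2["remote"]:
            l_net = ipaddress.ip_network(local)
            r_net = ipaddress.ip_network(remote)
            if l_net.overlaps(r_net):
                findings.append(
                    f"phase 2 networks {l_net} and {r_net} overlap; "
                    "this usually needs address translation on one side"
                )
    return findings


# Constructed sample using the values from the reply; the subnets are made up.
SAMPLE_P1 = {"auth": "mutual-psk", "mode": "main", "enc": "aes256",
             "hash": "sha256", "dh_group": 2}
SAMPLE_P2 = {"enc": "aes256", "local": ["192.168.1.0/24"],
             "remote": ["192.168.1.0/24", "10.10.0.0/16"]}

if __name__ == "__main__":
    for finding in audit_tunnel(SAMPLE_P1, SAMPLE_P2):
        print("-", finding)
```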