Step 2: Log on to the pfSense web interface on each box and assign the WAN addresses.
Step 4: Add a tunnel on Site 1’s firewall to Site 2 by adding a tunnel and changing only the
following items:
* Remote Subnet: 172.16.10.0/24
* Remote Gateway: 192.168.20.83
* Phase 1 Lifetime: 28800
* PreShared Key: conheotiensinh
* PFS Key Group: 2
* Phase 2 Lifetime: 3600
Step 5: Add a tunnel on Site 2’s firewall to Site 1 by adding a tunnel and changing only the
following items:
* Remote Subnet: 172.16.1.0/16
* Remote Gateway: 192.168.20.203
* Phase 1 Lifetime: 28800
* PreShared Key: conheotiensinh
* PFS Key Group: 2
* Phase 2 Lifetime: 3600
Step 7: Allow Authenticated Headers (TCP/51) and ISAKMP (UDP/500) with Firewall rules so
that IPSEC can pass. Firewall->Rules: WAN Tab.
Rule 1
* Source IP: Any
* Destination IP: WAN Address
* Protocol: TCP
* Port: 51
Rule 2
* Source IP: Any
* Destination IP: WAN Address
* Protocol: UDP
* Port: 500
Step 8: Allow all traffic to pass through the IPSEC tunnel. Firewall->Rules: IPSEC Tab.
Rule
* Source IP: Any
* Destination IP: Any
* Protocol: Any
* Port Range: Any
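
The tunnel settings from Steps 4 and 5 can be checked for consistency before they are typed into either firewall. The script below is an added example, not part of the original guide and not pfSense code; each site's WAN address is inferred from the other site's Remote Gateway entry, and MIN_PSK_LEN is an assumed local policy.

```python
import ipaddress

# Values transcribed from Steps 4 and 5. "wan" is an assumption: each site's
# WAN address is inferred from the other site's Remote Gateway entry.
SITE1 = {"wan": "192.168.20.203", "remote_subnet": "172.16.10.0/24",
         "remote_gateway": "192.168.20.83", "p1_lifetime": 28800,
         "psk": "conheotiensinh", "pfs_group": 2, "p2_lifetime": 3600}
SITE2 = {"wan": "192.168.20.83", "remote_subnet": "172.16.1.0/16",
         "remote_gateway": "192.168.20.203", "p1_lifetime": 28800,
         "psk": "conheotiensinh", "pfs_group": 2, "p2_lifetime": 3600}

# Settings the guide gives identically on both sides.
MIRRORED = ("p1_lifetime", "psk", "pfs_group", "p2_lifetime")
MIN_PSK_LEN = 20  # assumed local policy, not a pfSense requirement


def check_side(name, cfg):
    """Checks that need only one side's settings."""
    findings = []
    try:
        ipaddress.ip_network(cfg["remote_subnet"], strict=True)
    except ValueError:
        canonical = ipaddress.ip_network(cfg["remote_subnet"], strict=False)
        findings.append(f"{name}: remote subnet {cfg['remote_subnet']} has host "
                        f"bits set; the network it selects is {canonical}")
    psk = cfg["psk"]  # never echoed into a finding
    if len(psk) < MIN_PSK_LEN or psk.isalpha() or psk.isdigit():
        findings.append(f"{name}: pre-shared key is short or single-class")
    return findings


def check_pair(a, b):
    """Checks that compare the two ends of the tunnel."""
    findings = check_side("site1", a) + check_side("site2", b)
    for key in MIRRORED:
        if a[key] != b[key]:
            findings.append(f"mismatch: {key} differs between sites")
    for name, cfg, peer in (("site1", a, b), ("site2", b, a)):
        if cfg["remote_gateway"] != peer["wan"]:
            findings.append(f"{name}: remote gateway is not the peer's WAN address")
    n1 = ipaddress.ip_network(a["remote_subnet"], strict=False)
    n2 = ipaddress.ip_network(b["remote_subnet"], strict=False)
    if n1.overlaps(n2):  # each side's remote subnet is the other side's LAN
        findings.append(f"remote subnets overlap: {n1} and {n2}")
    return findings


if __name__ == "__main__":
    for line in check_pair(SITE1, SITE2):
        print(line)
```

Run against the values as written, it reports the host bits in the Step 5 remote subnet, the resulting overlap between the two remote subnets, and the pre-shared key policy finding on both sides.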