# ipsec single tunnel multiple lans



## nbari (Mar 31, 2010)

Hi all, currently I have a VPN using racoon ipsec between a juniper and a freebsd box  

the vpn was created the 'common way' 2 Peer/public IP's and later joining the private lans from each side.

my working configuration looks like:


```
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 67.228.47.147 --> 84.86.163.20
        inet 10.1.1.1 --> 172.16.10.1 netmask 0xffffffff
```

and on ipsec.conf i have something like:


```
spdadd 10.1.1.1/32 0.0.0.0/0 any -P out ipsec esp/tunnel/67.228.47.147-84.86.163.20/require;
spdadd 0.0.0.0/0 10.1.1.1/32 any -P in  ipsec esp/tunnel/84.86.163.20-67.228.47.147/require;
```

But now i was requested to reconfigure the VPN or to reach another subnet using the same tunnel, the guys usint the juniper told me that they have configure they equipment to receive ping/trafic from ips 10.1.1.1 to their subnets 172.16.10.1 and 192.168.0.1.

My question here is how to add another subnet to the already established tunnel ? if i configure the tunnel to use 192.168.0.1 it can connect and i can ping but the i can not reach the 172.16.10.1, I can have only one not two lans at the same time.

Any idea on how to access to multiple lans having the same PEER IP/ same tunnel  and same private IP ?

thanks in advance.


----------

