• Scaling IPsec (and VPNs in general)

    Pinned
    2
    15 Votes
    2 Posts
    6k Views
    ?
    Thank you!
  • Questions about having overlapping P2s in different tunnels

    1
    0 Votes
    1 Posts
    82 Views
    No one has replied
  • VTI IPsec with 3rd party routers that use policy routing

    5
    0 Votes
    5 Posts
    176 Views
    L
    @viragomann Thanks for your help. Unfortunately, I am already using the "Filter IPsec VTI and Transport on assigned interfaces, block all tunnel mode traffic" option, which allows me to have one filter rule tab per VPN interface, but also prevents me from using policy-based VPNs. Do you think my proposal of not adding the 0.0.0.0/0 default routes would be workable?
  • Help me troubleshoot IPsec tunnels not routing properly?

    3
    0 Votes
    3 Posts
    31 Views
    A
    @viragomann This was exactly what it was: it was Windows Firewall running on that server. Gaaaaa!
  • IPSec not matching Phase 2?

    1
    0 Votes
    1 Posts
    66 Views
    No one has replied
  • Sometimes all vpn ipsec are down

    1
    0 Votes
    1 Posts
    74 Views
    No one has replied
  • IPv6 address in Dashboard IPSec widget

    1
    0 Votes
    1 Posts
    18 Views
    No one has replied
  • Dynamic Routing IPSec with OSPF, Printing issues

    1
    0 Votes
    1 Posts
    94 Views
    No one has replied
  • Upgrade from 2.7.2 to 2.8.0 ipsec

    Moved
    8
    0 Votes
    8 Posts
    348 Views
    C
    I definitely will do this next week and post here the results. Thank you
  • IPSec service won't start

    1
    0 Votes
    1 Posts
    27 Views
    No one has replied
  • Routed VTI Interface No Traffic On Other Side

    11
    0 Votes
    11 Posts
    335 Views
    planedropP
    Opened a Redmine about this since this either A. needs to be explained more clearly, or B. needs to be changed so the docs say "will" instead of "may". https://redmine.pfsense.org/issues/16340
  • Using VTI IPsec to bypass managed office NAT

    1
    0 Votes
    1 Posts
    103 Views
    No one has replied
  • [RESOLVED] IPSec tunnel OK but routers can't ping each others

    6
    0 Votes
    6 Posts
    15k Views
    A
    @nicolasfo said in [RESOLVED] IPSec tunnel OK but routers can't ping each others: You can know everything about everything thanks to Google. But if you don't know what to search, it is useless. The problem is resolved, by adding a bogus route, by hand. Here's the explanation : https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN Thanks for help Oh my god this worked! Created an account just to say THANK YOU for this. I have a pfSense<->Unifi connected via IPSec. Applying it on the pfSense side makes pfSense->Unifi direct gateway/FW connection possible. Applying it on the Unifi side made my IPSec work perfectly. Again, thank you!
  • Does not have a public address and is behind NAT

    4
    0 Votes
    4 Posts
    198 Views
    T
    @Gertjan said in Does not have a public address and is behind NAT: Managed to solve the problem. You need to enter any fictitious name and your external IP in DNS Resolver. I entered both my pfsense on one and the second pfsense.[image: 1753101520478-%D1%81%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2025-07-21-%D0%B2-15.38.01.png] In phase 1 you need to register. [image: 1753101586516-%D1%81%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2025-07-21-%D0%B2-15.39.32.png] After which everything started working.
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    15 Views
    No one has replied
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    7 Views
    No one has replied
  • NAT via two PFSense Firewalls connected via IPSec

    4
    0 Votes
    4 Posts
    285 Views
    V
    @zulasch This would require, that you have defined an SPD for the "users" IP and the webserver in IPSec. But the clients IP is dynamic. So it would only work if you route the whole upstream traffic from the webserver over the VPN, which might not be what you want. It would work with any other kind of VPN though, which gives you the possibility to assign an interface to. Could be OpenVPN, Wireguard or IPSec VTI.
  • Pfsense Multi WAN IPSec Setup Issues

    1
    0 Votes
    1 Posts
    132 Views
    No one has replied
  • 0 Votes
    2 Posts
    550 Views
    GertjanG
    @Yamka said in TheGreenBow VPN Client issue with access through WAN with router in DMZ mode.: TheGreenBow VPN Client is this a VPN application on a device, the device is connected to the pfSense LAN ?
  • IPsec Tunnel - LAN can’t reach VPN clients

    1
    0 Votes
    1 Posts
    136 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.