
    IPSec IKEv2 Connection Succeeds but Can't Access LAN

      spieden

      Hello!

      I followed these instructions and am able to connect my macOS 10.11.5 machine to my pfSense 2.3.1-RELEASE box via IPSec and IKEv2:

      https://forum.pfsense.org/index.php?topic=106433.0

      However, I can't access any LAN addresses or get out to the internet. I do see this in my ifconfig output on the Mac:

      ipsec0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400
              inet 10.2.123.1 --> 10.2.123.1 netmask 0xff000000

      This /24 is indeed the one I set up as the "Virtual Address Pool" for my "Mobile Clients" config, so I'm at least getting that far.

      Anyone have any ideas on what I can check?

      Thanks!

      • spieden
        nsi-fusion

        Firewall rules?? You could also check if LAN IP range is allowed/presented in the IPsec setup…

          spieden

          Aaaaand I had the firewall rule wrong. I was only allowing TCP across IPSec and then wondering why I couldn't ping anything or do DNS lookups. ::)

          Thanks for helping me check my work.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.