Netgate Discussion Forum

    PfSense IPSec Passthrough ? Cisco QuickVPN Client can't get out …

      FBI01

      Hello,
      we try to get a connection with the "Cisco (Linksys) QuickVPN Client" to a RV042 Router. When we use the way without pfSense it works - if we come from the LAN Network with a rule "protocol: any source: <the client> destination: any ok" (… open way out) something seems to block it - or is NAT the problem? Can someone give us a hint please ...
      (We are running NAT with: "Automatic outbound NAT rule generation (IPsec passthrough)".)
      Thanks, FBI01

        gerdesj

        I had issues with this as well.  Perhaps this will help.  I have three ADSL modem/routers in front of my PFSense box.

        Make sure NAT is disabled on PFSense if it is behind another router otherwise you double NAT.  Enable Manual outbound NAT but don't create any rules unless you have a mix of connections.  That is create NATs for interfaces that are directly connected and don't for those that are behind a NATing router.

        If you are load balancing across multi link then define a rule on LAN: all protos/ports, destination: <the other end>, route via "default".  This will make sure that all traffic to this destination gets through and does not get bounced around.

        Cheers
        Jon

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.