Netgate Discussion Forum

Problem with AH Packets in Bridged Mode Filtering

Firewalling
    florut
    last edited by Jun 29, 2009, 2:47 PM

    Moin,

    I have the following setup to connect offices to our main office:

    Main-Net  -- Router cisco 2811 ---- Firewall -----Internet ------ Router Cisco 1812 ---- Office-Net

    ......and everything works fine.

    The tunnel is ipsec encrypted.

    For security reasons I want to do the following:

    Main-Net  -- Router cisco 2811 ---- Firewall -----Internet ------ pfsense with transp. FW ---- Router Cisco 1812 ---- Office-Net

    Now my problem:
    The tunnel comes up. "show crypto session" says "Up Active".
    The pfsense Firewall-Log stays quiet.
    Incoming AH packets are forwarded, but manipulated.
    The Identification header changed from 0x1b3 to 0x9a4 (in IP).
    These packets are ignored by the router, so that there is no communication possible.
    Every other bit in the packet is the same (excluding checksums).
    Deactivating packet filtering solves the problem (but that is not what I want to do).

    Please help me to fix this problem.

    Florian
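
Why a changed Identification value alone makes the receiving router discard these packets, shown as an added example that is not part of the original post: AH (RFC 4302) covers the IPv4 Identification field with its integrity check value, while TTL and the header checksum are excluded as mutable. The key, addresses, SPI, sequence number, payload and the choice of HMAC-SHA1-96 are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import struct

FMT = "!BBHHHBBH4s4s"                      # IPv4 header, no options
KEY = b"constructed-demo-key"              # constructed, not from the post
SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])  # documentation addresses

def pack_ip(f):
    """Pack IPv4 header fields and fill in a correct header checksum."""
    f = list(f)
    f[7] = 0
    s = sum(struct.unpack("!10H", struct.pack(FMT, *f)))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    f[7] = ~s & 0xFFFF
    return struct.pack(FMT, *f)

def icv(ip_hdr, ah_fixed, payload):
    """HMAC-SHA1-96 over the packet with mutable IP fields and the ICV zeroed."""
    v, _tos, length, ident, _frag, _ttl, proto, _csum, src, dst = struct.unpack(FMT, ip_hdr)
    # Zeroed as mutable: TOS, flags/fragment offset, TTL, checksum.
    # Identification is NOT zeroed: AH treats it as immutable.
    immutable = struct.pack(FMT, v, 0, length, ident, 0, 0, proto, 0, src, dst)
    return hmac.new(KEY, immutable + ah_fixed + bytes(12) + payload, hashlib.sha1).digest()[:12]

def build(ident, ttl, payload):
    """Sender side: IPv4 + AH (next header 4, length 4, SPI, sequence) + payload."""
    ah_fixed = struct.pack("!BBHII", 4, 4, 0, 0x1000, 1)
    hdr = pack_ip([0x45, 0, 20 + 24 + len(payload), ident, 0, ttl, 51, 0, SRC, DST])
    return hdr + ah_fixed + icv(hdr, ah_fixed, payload) + payload

def verify(packet):
    """Receiver side: recompute the ICV and compare in constant time."""
    hdr, ah_fixed, got, payload = packet[:20], packet[20:32], packet[32:44], packet[44:]
    return hmac.compare_digest(got, icv(hdr, ah_fixed, payload))

def rewrite(packet, ident=None, ttl=None):
    """In-path device: change header fields, recompute the IP checksum."""
    f = list(struct.unpack(FMT, packet[:20]))
    f[3] = f[3] if ident is None else ident
    f[5] = f[5] if ttl is None else ttl
    return pack_ip(f) + packet[20:]

if __name__ == "__main__":
    pkt = build(0x1B3, 64, b"constructed inner packet")
    print("untouched:      ", verify(pkt))
    print("TTL decremented:", verify(rewrite(pkt, ttl=63)))
    print("ID 0x1b3->0x9a4:", verify(rewrite(pkt, ident=0x9A4)))
```

Only the Identification rewrite fails verification, even though the IP checksum of the rewritten packet is valid.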
