DHCP for IPSEC Clients
-
Hi, I have a tiny problem with my Cisco VPN client.
When I try to connect to my pfSense box, no IP address is given to my client.
When I look at my logs I have something like this:
So maybe if I make a rule to have DHCP on IPsec it will work.
How can I do that?
-
You don't do DHCP for IPSEC-Clients. The client has to specify the local subnet for mobile clients. You probably think the "unknown gateway/dynamic" is a bug but it just tells you that the endpoint that this log message is about is a mobile client and not a statically configured tunnel.
Your main problem is that you don't have proper authentication settings and, from what it looks like, don't have an appropriate remote subnet set in the client either.
-
My remote subnet?
Can you advise me about my setting:
10.56.146.0/23 ----- internet ----- modem with pfSense on DMZ 128.162.49.0/24 ----- LAN: 192.168.1.0/24
So my remote subnet is the first: 10.56.146.0/23?
-
Your Cisco client needs to specify a local subnet for its end of the tunnel (from the pfSense point of view this is the remote subnet behind the tunnel). As this is a single client it should be a /32. I don't know the Cisco client so I can't tell you how to set it up.