Greenbow client connection success but no ping
-
Hi everyone,
I need your help because I'm trying to use the GreenBow VPN client to connect to pfSense through an IPsec tunnel.
I'm running GreenBow under Windows 7 x64.
The problem is the following:
The GreenBow client succeeds in connecting to pfSense (both phase 1 and phase 2 are OK, and if I go into the IPsec status, I can see the tunnel established between GreenBow and pfSense).
However, I'm unable to ping in either direction (from LAN to mobile client and from mobile client to LAN).
All firewall rules have been checked twice (ESP protocol and UDP port 500 allowed on the WAN interface, all traffic allowed for the IPsec interface and ICMP allowed on the LAN interface). There is something I don't understand, because in the GreenBow configuration I can define the virtual IP of the mobile client on the LAN, but there is no possibility to define the default gateway.
As recommended in the following user's guide, I defined a virtual IP in a different subnet than the remote LAN.
http://www.thegreenbow.com/doc/tgbvpn_cg-pfsense-router-en.pdf
So I don't understand how the mobile client could reach any device on the remote LAN. I would like to know if someone has been able to successfully build a connection between this client, or another IPsec mobile client, and a pfSense gateway, and if he can help me configure my connection successfully.
Thank you for your help.
-
You don't have to define a default gateway for the IP, just as long as you have defined the network that is behind the firewall as the remote network.
If the client is connecting but not passing traffic, try setting the client on the public segment with a public IP, so that there are no other devices between the firewall and the client, and then connect. If the VPN passes traffic, you have a NAT or MTU issue of some kind. If you still can't ping, etc., make sure you have a rule, i.e. * <–> * any any, on the IPsec interface for VPN traffic.