Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic over IPSec blocked by "Default deny rule IPv4".

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alexis.olivier
      last edited by

      Hello everybody,

      I have two pfSense boxes running with 2.0RC3 in the same network. I tried to make an IPSec transport connection between them.

      The IPSec works well (racoon gets its connection established), but the problem is that all traffic going through enc0 is blocked by "Default deny rule IPv4", despite a firewall rule has been added to pass all the IPv4 traffic (tcp/udp) coming through IPSec interface (enc0). This rules is evaluated (evaluations counter grows up in pfctl -v -sr), but no packets is allowed.

      Did i forget something ?

      Thanks in advance for your answers !

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Show a screenshot of the rule itself, and of the firewall logs that show it blocking.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • F
          ferret
          last edited by

          @alexis.olivier:

          Hello everybody,

          I have two pfSense boxes running with 2.0RC3 in the same network. I tried to make an IPSec transport connection between them.

          The IPSec works well (racoon gets its connection established), but the problem is that all traffic going through enc0 is blocked by "Default deny rule IPv4", despite a firewall rule has been added to pass all the IPv4 traffic (tcp/udp) coming through IPSec interface (enc0). This rules is evaluated (evaluations counter grows up in pfctl -v -sr), but no packets is allowed.

          Did i forget something ?

          Thanks in advance for your answers !

          Hi,

          Did you resolve this issue yet?

          Cheers

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.