Netgate Discussion Forum

    [done] Ping through IPSec-Tunnel to remote Gateway not working

      nachtmensch

      Hello everyone,

      I have an IPsec setup with several remote sites. Everything is working fine and stable.

      The only thing I don't understand is that my pfSense is not able to ping the remote gateways (here Draytek Vigor and different AVM Fritzboxes) and clients on the remote subnets.
      Ping to the remote gateways/clients from my subnet clients works perfectly fine.

      Am I missing something somewhere? I tried all interfaces within the Diagnostics -> Ping tool as well as the "Auto" option…

      Edit:
      Can it be a real bug?
      Why should I set the option to monitor an IP address within the IPsec Phase 1 config, when pfSense is not able to ping through the tunnel?

      PC Engines APU.2C4, pfSense 2.3.2-RELEASE-p1

        lolman

        I have the same problem.

        I can't ping from my pfSense box (A) through the tunnel to the other pfSense box (B) on the remote site.
        The tunnel is up and working.

        I can ping from my PC (on site A) to the remote pfSense (B).
        I have a firewall rule on each site in the IPsec tab:

        Action: Pass
        Interface: IPsec
        IPv4
        Protocol: any
        Source: any
        Destination: any
        

        I wanted to try the voucher sync from the captive portal through my tunnel and found this problem.

          nachtmensch

          Found something:

          https://redmine.pfsense.org/issues/4849
          => https://forum.pfsense.org/index.php?topic=95573.0
          => https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN
          => https://doc.pfsense.org/index.php/What_should_I_ping_for_IPsec_Keep_Alive

          It's not a bug, it's a feature  ;)

          PC Engines APU.2C4, pfSense 2.3.2-RELEASE-p1
