Netgate Discussion Forum

    AWS IPsec no connection (Status / IPsec / Overview) missing SA entries

      pfScool

      Hi, I'm trying to set up an additional IPsec connection to AWS with my high availability pfSense with 8 interfaces and several Virtual IPs (WAN interface 2 Virtual IPs).

      What is noticeable is that under "Status / IPsec / Overview" the AWS configuration is the only one that shows "NAT-T" and the SA entries (Phase 2) cannot be seen there at all like with the other connections.

      The worst part is that with a "Zyxel USG40" it works right away.

      I am very grateful for every idea.

      Version: 2.4.5-RELEASE-p1 (amd64)

        pfScool

        Hi, the error was found and corrected in the VPN configuration on the AWS side.
        The pfSense LAN subnet is entered there under "Local IPv4 Network Cidr".
        The VPC subnet must be entered under "Remote IPv4 Network Cidr".

        AWS -> "VIRTUAL PRIVATE NETWORK (VPN)" -> "Site-to-Site VPN Connections":

        aws-vps-ipsec.png
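
The fix described in the post above can be checked before the tunnel is brought up. The following is an added example, not part of the original post and not pfSense or AWS code: it compares the pfSense Phase 2 networks with the two AWS fields named in the post and reports swapped or non-matching values. The function names and the sample subnets are assumptions made for illustration.

```python
import ipaddress


def parse(label, cidr, findings):
    """Parse a CIDR strictly; record a finding instead of raising."""
    try:
        return ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        findings.append(f"{label}: invalid CIDR {cidr!r} ({exc})")
        return None


def check_selectors(pf_local, pf_remote, aws_local, aws_remote):
    """Return a list of findings; an empty list means both sides agree.

    pf_local / pf_remote: pfSense Phase 2 local and remote networks.
    aws_local / aws_remote: AWS "Local IPv4 Network Cidr" (pfSense LAN)
    and "Remote IPv4 Network Cidr" (VPC subnet), as stated in the post.
    """
    findings = []
    pl = parse("pfSense P2 local", pf_local, findings)
    pr = parse("pfSense P2 remote", pf_remote, findings)
    al = parse("AWS Local IPv4 Network Cidr", aws_local, findings)
    ar = parse("AWS Remote IPv4 Network Cidr", aws_remote, findings)
    if None in (pl, pr, al, ar):
        return findings
    if (al, ar) == (pr, pl) and pl != pr:
        findings.append("swapped: AWS Local holds the VPC subnet and "
                        "AWS Remote holds the pfSense LAN subnet")
        return findings
    for side, aws, pf in (("Local", al, pl), ("Remote", ar, pr)):
        if aws == pf:
            continue
        if pf.subnet_of(aws):
            relation = "is wider than"
        elif aws.subnet_of(pf):
            relation = "is narrower than"
        else:
            relation = "does not overlap"
        findings.append(f"AWS {side} IPv4 Network Cidr {aws} {relation} "
                        f"the pfSense value {pf}")
    return findings


if __name__ == "__main__":
    # Constructed sample values: pfSense LAN 192.168.10.0/24, VPC 10.20.0.0/16
    for line in check_selectors("192.168.10.0/24", "10.20.0.0/16",
                                "10.20.0.0/16", "192.168.10.0/24"):
        print(line)
```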
