site to site vpn configuration between pfsense and cisco asa 5505

stephenw10 · Feb 4, 2021, 4:21 PM

It could also be the host at 192.168.30.1 rejecting it.

You should use a non-default password on the ASA.

Steve

franco22 · Feb 11, 2021, 4:46 AM

stephenw10 · Feb 11, 2021, 6:19 PM

Ok, why is it configured as mobile IPSec? That's a site-to-site tunnel.

In that screenshot it is up at phase1 only. You need phase2 to be up to carry any traffic.
But you said you could ping from the ASA to pfSense so it must have been up then.

What exactly are you showing us there?

Steve

franco22 · Feb 12, 2021, 8:23 AM

@stephenw10 sorry bro i have completed the site to site VPN this was ipsec remote VPN config so you able to help with this plz..

stephenw10 · Feb 12, 2021, 2:25 PM

Ok, well it's not connected at phase 2 so check the IPSec logs for errors.

How is it configured? What are you connecting to it with?

Did you follow a guide for this?

Steve

franco22 · Feb 23, 2021, 1:27 PM

@stephenw10
ASA and Pfsence connected in a same switch I want to do sla can u able to help with this

stephenw10 · Feb 23, 2021, 3:41 PM

So you are still doing the site to site tunnel? Not mobile IPSec? (which is what I thought you meant by 'ipsec remote VPN').

Check the logs for errors on both sides.

Either the phase 2s do not match or you have no traffic there to bring them up.

Steve

franco22 · Feb 24, 2021, 11:58 AM

@jknott hello How are You Can you Able to help with this issue pls asa and pfsence in same vlan and i have to do sla

stephenw10 · Feb 28, 2021, 5:44 PM

In pfSense it should be no more difficult than adding firewall rule in IPSec to allow echo requests from whatever IP the ASA is using to send them.

Steve

franco22 · Apr 12, 2021, 5:31 AM

@stephenw10
Did You know about Haywire

stephenw10 · Apr 12, 2021, 1:08 PM

Umm, probably not.
The film? I enjoyed it.

Steve