Netgate Discussion Forum

    Unable to bring phase 2 with custom Local Address up

      TSO

      Hi,

      I'm having an issue with an IPsec configuration between a pfSense version 2.1-release and a FortiGate 30D. The Phase 1 has come up fine and one of the phase 2 connections between the LAN interface on the pfSense and the remote network on the FortiGate is working fine.

      The issue I have is when trying to create a phase 2 with a "Network" address on the pfSense: when I do that, pfSense simply won't allow me to bring the phase 2 online. Screenshots are attached of the Phase 2 config that isn't working and the phase 2 status, where you can see my LAN - remote network configuration working and the Network - Remote network configuration not working (and there is no Play button to bring up the VPN, so I'm guessing I'm doing something fundamentally wrong on the pfSense).

      Do I need to create a VLAN interface on the pfSense for the 10.32.168.0 subnet I want to push across the VPN, or is there something more basic I'm missing?

      Thanks,
      TSO
      phase2config.png
      Phase2Status.png

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.