
    PfSense 2.3.2 Ipsec site to site ok but can't access LAN

    • edge42

      Hello

      My site-to-site IPsec VPN is OK, but I can't access any LAN addresses or get my internet traffic from Site 1 to Site 2. No ping either (LAN).

      My configuration:

      For Site 1:
      VPN > IPsec > Tunnels >

      Key Exchange version : V2
      Internet Protocol : IPV4
      Interface : WAN
      Remote Gateway : Public IP (failover ESXI)

      Phase 1 :
      Authentication Method : Mutual PSK
      My identifier : Public IP address of the box (Site 1)
      Peer identifier : Peer IP address
      Pre-Shared Key :
      Encryption Algorithm : AES 256 bits
      Hash Algorithm : SHA 256
      DH Group : 2 (1024bit)
      Lifetime : 3600
      Dead Peer Detection : Enable DPD
      Delay : 10
      Max failures : 20

      Phase 2 :
      Mode : Tunnel IPV4
      Local Network : 192.168.100.0 / 24
      Remote Network : 0.0.0.0 / 0
      Protocol : ESP
      Encryption Algorithms : AES256-GCM Auto
      Hash Algorithms : None
      PFS key group : 2 (1024 bit)
      Lifetime : 3600

      For Site 2:

      VPN > IPsec > Tunnels >

      Key Exchange version : V2
      Internet Protocol : IPV4
      Interface : WAN
      Remote Gateway : Public IP of the box (Site 1)

      Phase 1 :
      Authentication Method : Mutual PSK
      My identifier : Public IP address (failover ESXI)
      Peer identifier : Peer IP address
      Pre-Shared Key :
      Encryption Algorithm : AES 256 bits
      Hash Algorithm : SHA 256
      DH Group : 2 (1024bit)
      Lifetime : 3600
      Dead Peer Detection : Enable DPD
      Delay : 10
      Max failures : 20

      Phase 2 :
      Mode : Tunnel IPV4
      Local Network : 192.168.2.0 / 24
      Remote Network : 192.168.100.0 / 24
      Protocol : ESP
      Encryption Algorithms : AES256-GCM Auto
      Hash Algorithms : None
      PFS key group : 2 (1024 bit)
      Lifetime : 3600

      On both sides I have the rules on Firewall > Rules > IPsec > TCP, UDP, ICMP Allow all

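An added example, not part of the original post: a short Python check that takes the Phase 2 Local Network / Remote Network values posted for both sites and reports any pair that is not an exact mirror of the peer's entry. The function names are hypothetical, and the check says nothing about firewall rules or routing.

```python
import ipaddress

# Phase 2 networks copied from the post above (spaces around "/" removed).
SITE1 = {"local": "192.168.100.0/24", "remote": "0.0.0.0/0"}
SITE2 = {"local": "192.168.2.0/24", "remote": "192.168.100.0/24"}


def relation(a, b):
    """Describe how network a relates to network b."""
    a = ipaddress.ip_network(a.replace(" ", ""))
    b = ipaddress.ip_network(b.replace(" ", ""))
    if a == b:
        return "equal"
    if a.subnet_of(b):
        return "narrower"
    if a.supernet_of(b):
        return "wider"
    # Two CIDR blocks either nest or do not intersect at all.
    return "disjoint"


def compare_phase2(side_a, side_b):
    """Compare side_a's local/remote pair with side_b's remote/local pair.

    Returns (field_on_a, field_on_b, relation) for every pair that is not
    an exact mirror; an empty list means the two entries mirror each other.
    """
    findings = []
    for mine, theirs in (("local", "remote"), ("remote", "local")):
        rel = relation(side_a[mine], side_b[theirs])
        if rel != "equal":
            findings.append((mine, theirs, rel))
    return findings


if __name__ == "__main__":
    for mine, theirs, rel in compare_phase2(SITE1, SITE2):
        print(f"Site 1 {mine} ({SITE1[mine]}) vs "
              f"Site 2 {theirs} ({SITE2[theirs]}): {rel}")
```
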