Netgate Discussion Forum

    IPSec Tunnel Disables Interface??

      djamp42

      I've noticed that when I have an IPSec tunnel up, the subnet it's pointed to no longer works on pfSense.

      Meaning that if 10.27.0.1 is the IP address on the interface the IPSec tunnel is terminated to.

      I can no longer ping that IP address from the LAN side, or if I'm SSHed into pfSense I cannot ping or telnet out that interface.

      If I disable the IPSec tunnel everything works as normal.

      For example, I could telnet to 10.27.0.2 from pfSense without IPSec enabled.

      With the IPSec tunnel up, I cannot ping 10.27.0.2 or telnet to it. I've noticed this on every single pfSense I have.

        fastcon68

        Check your IPsec rules, ICMP may not be allowed to pass.
        RC

          djamp42

          @fastcon68:

          Check your IPsec rules, ICMP may not be allowed to pass.
          RC

          No, I'm fine passing traffic over the tunnel.

          It's when the IPSec tunnel is enabled, I can't pass any traffic from pfSense to any of the IPs assigned to the LAN interface.

          For example, any device on the LAN can't ping the pfSense IP of "10.27.0.1" when the IPSec tunnel is up.

          IPSec Tunnel -> pfSense -> LAN Device

          So between pfSense and the LAN Device is broken.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.