Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPSEC in pfSense 1.2.1

    IPsec
    3
    3
    3788
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottnguyen last edited by

      As I been perusing the forum, it is obvious the release of 1.2.1 is coming 'soon.'  With that said, a couple of question to those who have already deployed or tested IPSEC in 1.2.1 beta/rc.

      1.  How does it interoperate with another vendor (using site-to-site) - does it work with Cisco, Sonicwall - please provide the other vendor you verified with (yes I have similar question for 1.2). 
          NOTE:  Not sure it matters since its based off of FreeBSD 7 release which went towards only Fast IPSEC - no longer KAME - hence a question on interoperability.

      2.  Does Shrew client work fine with this release?

      Thank you.

      1 Reply Last reply Reply Quote 0
      • D
        databeestje last edited by

        We were already using fast_ipsec in 1.2 so no change there.

        We have wildly differing reports on operability. I work mostly with Draytek routers or other pfSense machines with site-site tunnels.

        I do know of atleast one Cisco 3005 VPN concentrator I am connecting 2 site to sites on.

        1 Reply Last reply Reply Quote 0
        • M
          mgrooms last edited by

          The Shrew Soft client works with pfSense 1.2.x but in a degraded fashion. That said, I don't think other clients would work any better. The major shortcoming is that the 1.2.x versions of pfSense do not take advantage of the ipsec-tools features which improve compatibility with mobile clients. For a bit more detail, please see the issues section of the Shrew Soft Zywall howto ( it has many similar problems ). http://www.shrew.net/support/wiki/HowtoZywall#KnownIssues

          The 1.3 version of pfSense will address most of the 1.2.x shortcomings. Please see this blog entry for more details …
          http://blog.pfsense.org/?p=211

          1 Reply Last reply Reply Quote 0
          • First post
            Last post