VPN Tunnel to Cisco VPN

  • Hi,

    I just installed pfsense yesterday so I have much to learn about this great software.

    I'm currently using a Cisco VPN Client to connect to my work VPN.  The VPN is set up on a Cisco PIX-501.  I would like to set PFSense to have an always-on connection to my VPN.

    Here is what I put into the Cisco VPN Client to establish a connection to the VPN.

    Host: xxx.xxx.xxx.xxx
    Group Authentication
    User Name:

    Transport --> Enable Transparent Tunneling --> IPSec over UDP (NAT/PAT)

    I'm not quite sure where to put these settings in pfsense to create the connection.  The Cisco VPN client may be leaving some of the gritty details out on how it makes its connection.

    Can anyone point me in the right direction on establishing this tunnel?

    Thanks in Advance!


  • http://doc.m0n0.ch/handbook/examplevpn.html#id2606293 has an example on setting up IPSEC between a Cisco PIX and m0n0. It's the same for pfSense.

    You can add a monitor IP at the pfSense of the remote subnet to keep the tunnel alive or bring it up automatically after the connection has been disconnected for some reason (bottom part of tunnel settings).

  • Hi,

    I have just joined this forum and I have been looking all over the web unsuccessfully for a solution for my problem. :-[

    I am trying to connect pfSense to a Cisco VPN Server using Group and User authentication (and not pre-shared key as the link suggests). Is there any way of configuring pfSense to allow this type of implementation?


  • Also I have a need for the user/group authentication feature. Is it possible now or should we raise a bounty for it?

  • I'm in the same boat.

    PC with Cisco VPN client, configured for Group Auth, Tunneling IPSEC over UDP.

    I'm unable to get the desktop client to work behind the PFSENSE box (tried 1.01 and today's CVS). If I put the VPN client in FRONT of the box, i.e. on the public IP, works first time, like a charm. Dialup, works fine. Sprint Wireless Modem, works fine. Behind the PFSENSE box, no work.

    I've tried NAT/Port forwarding, TCP/UDP 500, TCP/UDP 10000, ESP, etc. No work.

    I'd be happy with EITHER the VPN client working, or the PFSense box establishing the connection. Either would serve what I need to accomplish. HELP!
