IPsec tunnel connected but only one-way traffic working… Please help! :(

  • Alright. This should've been simpler. What am I missing?

    Site 1:

    Site 2:

    FW IPsec rule is Allow Any

    I can ping from Site 2 to Site 1, but not the other way. I have tried using another clean pfSense instance at Site 2 just in case our Cradlepoint router was the issue, but typically use the Cradlepoint. Changing the router to the new pfSense instance didn't help at all, so my assumption is that Site 1's routing is screwed up somehow. I used a basic Cisco RVS4000 before pfSense was installed and the tunnel worked great between it and the Cradlepoint.

    Also, I reverted to default settings on both sites and started from scratch - still no good.

    I've exhausted all the forum posts I can find to no avail. Help!

  • How and what do you ping?
    Do you ping via the gui of pfSense (Diagnostics->Ping) or do you use a computer behind the pfSenses?
    Do you ping the pfSense itself or a computer behind the pfSense?
    Do you see blocked packets in the firewall log (Status -> System Logs -> Firewall -> Normal View)? If yes, by what rule are the packets blocked?

    You can also use Diagnostics -> Packet Capture to see if ICMP packets get in and out of both pfSenses.
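An added example (not from either poster) for the firewall-log check suggested in that reply: a POSIX shell filter that reads pfSense filterlog lines and summarises blocked ICMP on one interface by rule number and tracker id, so you can see at a glance which rule is dropping the echo requests. The log lines, addresses and tracker ids below are constructed; the field layout follows the pfSense 2.2+ filterlog format as documented, and `enc0` is assumed to be the IPsec interface.

```shell
#!/bin/sh
# Constructed sample of pfSense filterlog output. Field order after "filterlog[pid]: " is
# rule,subrule,anchor,tracker,interface,reason,action,direction,ipver,
# tos,ecn,ttl,id,offset,flags,proto-id,proto,length,src,dst,<proto-specific fields>
# Addresses, tracker ids and timestamps are made up for this example.
SAMPLE_LOG='Mar 27 10:00:01 pfSense filterlog[11111]: 4,,,1000000103,enc0,match,block,in,4,0x0,,63,100,0,none,1,icmp,84,192.0.2.10,198.51.100.20,request,4660,1
Mar 27 10:00:01 pfSense filterlog[11111]: 4,,,1000000103,enc0,match,block,in,4,0x0,,63,100,0,none,1,icmp,84,192.0.2.10,198.51.100.20,request,4660,2
Mar 27 10:00:02 pfSense filterlog[11111]: 70,,,1591000000,enc0,match,pass,in,4,0x0,,63,101,0,none,1,icmp,84,198.51.100.20,192.0.2.10,request,4661,1
Mar 27 10:00:03 pfSense filterlog[11111]: 4,,,1000000103,em0,match,block,in,4,0x0,,64,102,0,none,6,tcp,60,203.0.113.5,192.0.2.1,51000,22'

# blocked_icmp IFACE
# Reads filterlog lines on stdin and prints one line per distinct
# (rule, tracker, direction, src, dst) that was blocked for ICMP on IFACE,
# prefixed with how many times it occurred.
blocked_icmp() {
  iface="$1"
  # Strip the syslog prefix so the CSV fields start at $1.
  sed -n 's/.*filterlog\[[0-9]*]: //p' |
  awk -F, -v iface="$iface" '
    $5 == iface && $7 == "block" && $17 == "icmp" {
      key = "rule " $1 " (tracker " $4 ") " $8 " " $19 " -> " $20
      count[key]++
    }
    END { for (k in count) print count[k] "x " k }'
}

# Stand-alone demo on the constructed sample. On a real pfSense box you would
# feed the filter log instead, e.g. from /var/log/filter.log (path assumed).
printf '%s\n' "$SAMPLE_LOG" | blocked_icmp enc0
```

The tracker id printed here is the same value shown in the GUI firewall log, so it can be matched directly to the rule on the IPsec tab.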