IPSec Point to Point VPN Trouble

drummer_adair

Hi all, I have been working for four days to try and establish point to point connections between three different pfsense boxes. All boxes are running 1.2-Release and work perfectly except when it comes to the vpn's.
I am new to VPN's but am familar with networking, so please bare with me.

Some inside info on my setup.
Site 1 is our office which is on a static DSL connection.
Sites 2 and 3 are dynamic DSL connections. (one of them being mine at home and the other a friend of mine at home)
In all cases pfSense is the router/firewall, the static site is configured staticly, the dynamic sites are doing PPPoE by pfs.
All end points are on their own subnet (192.168.x.0)

I have followed every tutorial I can find and have been reading the forums for days and nothing seems to make my tunnels work.
I feel the tunnels are actually configured correctly but something in my firewall rules has to be missing because when i check the status of the IPSec in overview i always get a green arrow on one side and a yellow x on the other. I have good info in the SAD and SPD fields under status. FYI, it always seems that either of the other two end points get a green and I always get yellow….

I have tried several firewall rules and nat translations and always get the same result. Although until I build some rules I don't make any connection, this is obviously why I am missing something else.

Can someone please tell me what rules I need where to get my vpn to be able to ping any device on any subnet?

Please let me know what other info would be helpful in troubleshooting this matter.

Thanks, Adair

P.S.
I have been playing with pfsense for several months now and love it!