Allow access from remote site - IPSec

  • Hi, pfSense noob, I've been reading various threads and how-tos and am still having trouble with what is, I'm sure, pretty simple.

    I have an IPSec VPN set up between pfSense (local) and an IPCop machine (remote). I am able to connect to machines on the remote side, but they can't connect to machines on the local side. What firewall rule can I add to allow traffic coming from the remote side to connect to local machines? The automatic rules are not disabled.

    I did a packet capture on the pfSense box, and if I ping a local machine from the remote, I can see the requests come in and replies from the local machine, but they never make it back to the remote side.

    Thanks for any ideas!

  • Just to follow up, I did figure this out - I added a rule to the IPSec interface, IPv4 Any. The underlying issue was that there was an IPSec configuration still active on the remote IPCop side for the IPCop box that pfSense is replacing, and that messed up the routing. Once I disabled that, all was well.

