4. Can't connect to or ping LAN hosts using IPsec mobile VPN

Can't connect to or ping LAN hosts using IPsec mobile VPN

  • A

    Hello!

    I'm new to using pfSense as a VPN server. I finally got it configured with IKEV2 and am able to successfully connect, but I can't ping any other host on the LAN. I have Phase 2 -> Network set to '0.0.0.0/0', and internal IPs are in the 192.168.1.x range. The mobile clients are given one of these private IPs. The firewall is set to allow IPsec connections from any to any. The pfSense router is the default gateway for the LAN.

    Also, is there a way to have my DHCP server (Windows Server) assign IP addresses to the VPN clients under this configuration?

    Thanks!

    0
  • A

    I ran a packet capture with Wireshark, and it looks like no packets from the mobile client are hitting the LAN. The only packets I see referencing the mobile client's internal IP address are ARP requests: "Who has (mobile client internal IP)? Tell (IP address of Windows Server providing DNS and DHCP)."

    0
  • A

    I found the problem: under VPN -> IPsec -> Mobile Clients under 'Client Configuration', the 'Virtual Address Pool' has to be a completely different network address than the internal IP addresses I was using. This tip is on one of the how-to pages, and it looks like I overlooked a step. I also learned that there isn't a way yet to have the DHCP server assign IP addresses to VPN clients.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy