Netgate Discussion Forum

    IPSec connect to CISCO but can not ping each other

      irs

      I have built IPsec connectivity between Cisco and two pfSense. The connection shows Connected but I cannot ping.

      I am also running OpenVPN on the same pfSense between two locations, connected and running fine.

      I need to allow 192.168.1.254/32, 192.168.1.4/32 to access my network through ipsec.

      cat /var/etc/ipsec/ipsec.conf

      # This file is automatically generated. Do not edit

      config setup
          uniqueids = yes

      conn bypasslan
          leftsubnet = 10.1.7.0/24
          rightsubnet = 10.1.7.0/24
          authby = never
          type = passthrough
          auto = route

      conn con1000
          fragmentation = yes
          keyexchange = ikev1
          reauth = yes
          forceencaps = no
          mobike = no

          rekey = yes
          installpolicy = yes
          type = tunnel
          dpdaction = restart
          dpddelay = 10s
          dpdtimeout = 60s
          auto = route
          left = 173.11.200.109
          right = 64.xxx.xxx.70
          leftid = 173.xxx.xxx.109
          ikelifetime = 86400s
          lifetime = 3600s
          ike = aes128-sha1-modp1024!
          esp = aes128-sha1-modp1024!
          leftauth = psk
          rightauth = psk
          rightid = 64.xxx.xxx.70
          aggressive = no
          rightsubnet = 192.168.1.0/24
          leftsubnet = 10.1.7.0/24

      I don't know what I am missing?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.