Ipsec Asa Vpn

  • Hello community,

    I hope you can help me with this problem, I have already configured the ipsec tunnel Asa, PFsense –-- to --- Cisco Firewall

    these are my encryption phases:

    ike = 3des-sha1-modp1536 #Phase 1: modp1536 = DH group 5
            esp = 3des-md5-modp1024 #Phase 2

    PFsense ip side public = X.X.X.X------------------------------ Cisco Firewall ip public = X.X.X.X
      subnet = / 24                                      subnet = XX.XXX.236.126 / 32    <------

    As I mention the tunnel is already established, but to be able to access the subnet of Cisco XX.XXX.236.126/32, I have to make a nat with this ip that I was assigned --->

    You can guide me a little so that my subnet consumes the services of through


    Pablo I.G.

  • LAYER 8 Netgate

    From your "diagram", they are the ones who have to NAT.

    What is the IPsec access list on the ASA side?

    What is the phase 2 defined on your side (including any NAT if present there) ?

Log in to reply