IPsec from Azure pfSense VPN appliance to on-premises box



  • I successfully started an IPsec VPN tunnel from my Azure pfSense VPN appliance to an on-premises box.  But I cannot flow traffic from my Windows Server VM in Azure through that IPsec.

    IOW, I can ping my on-premises box at internal LAN IP 192.168.1.1 from the pfSense appliance at Azure virtual network IP 192.168.0.196.  I can ping the pfSense appliance at 192.168.0.196 from the Windows VM at 192.168.0.4.  But I cannot ping my on-premises box at 192.168.1.1 from the Windows VM at 192.168.0.4.

    Azure's virtual network's address space is 192.168.0.0/24. The Windows VM is on Azure subnet 192.168.0.0/25. The pfSense VPN appliance is on Azure subnet 192.168.0.192/28.

    I have a route set up to next hop 192.168.0.196 if the destination is 192.168.1.0/24.  That route is associated with subnet 192.168.0.0/25.

    I believe I have the right firewall rules in the pfSense appliance.

    I should add there is also an Azure VPN Gateway on Gateway Subnet 192.168.0.128/28, which I have used to successfully ping 192.168.1.1 from 192.168.0.4. What I am trying to do is replicate that success with the pfSense virtual VPN device. I would have thought the route I set up would have redirected traffic to the pfSense. But so far something is not working.

    Any suggestions would be very helpful.

    Thank you!

    Larry

