PfSense IPSec Passthrough ? Cisco QuickVPN Client can't get out …

  • Hello,
    we try to get a connection with the "Cisco (Linksys) QuickVPN Client" to a RV042 Router. When we use the way without pfSense it works - if we come from the LAN Network with a rule "protocol:any source: <the client> destination:any ok" (… open way out) something seems to block it - or is NAT the problem ?? Can someone give us a hint please ...
    (We are running NAT with: "Automatic outbound NAT rule generation (IPsec passthrough)".)
    Thanks, FBI01

  • I had issues with this as well.  Perhaps this will help.  I have three ADSL modem/routers in front of my PFSense box.

    Make sure NAT is disabled on PFSense if it is behind another router, otherwise you double NAT.  Enable Manual outbound NAT but don't create any rules unless you have a mix of connections.  That is, create NATs for interfaces that are directly connected and don't for those that are behind a NATing router.

    If you are load balancing across multi link then define a rule on LAN: all protos/ports, destination: <the other end>, route via "default".  This will make sure that all traffic to this destination gets through and does not get bounced around.

