Netgate Discussion Forum

    Pfsense on AWS IPsec

    3 Posts 2 Posters 558 Views
      thiagomespb

      Hello,

      I'm using pfSense on AWS. I installed it using Marketplace. I'm trying to close a VPN with my other pfSense, which stays in the company, but I cannot get it to work. I used OpenVPN and it worked. I would like to know who has a pfSense in AWS and uses IPsec. I was searching, but I did not find any reference, only with VPC and pfSense.

      Does anyone have any idea how to close this tunnel between two pfSense, one being in AWS?

        Derelict LAYER 8 Netgate

        Should be no different than setting up any behind NAT IPsec endpoint. (Set the local endpoint ID to an FQDN or the public elastic IP. It just has to match what the other side is expecting it to be.)

        That and your security group on the interface with the Elastic IP will need to pass UDP 500 and 4500 from the other side's address if you want it to be able to act in the responder role. I am not 100% sure if ESP also needs to be passed or not. I wouldn't think so since you know it's going to always be behind NAT.

        The IPsec logs tell you exactly what the local side doesn't like. If you are looking at the logs and see you are receiving a negative response, look at the logs on the other side.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

          thiagomespb

          security group Elastic IP: All Traffic

          Searching the internet, I did not find anything related to pfSense in AWS providing VPN IPsec.


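An added example, not part of any post in this thread: a check of the two security-group points raised above (UDP 500 and 4500 must be passed from the other side's address, and the group in the last post is set to "All Traffic"). It assumes rules in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`; the sample rules, the peer addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample rules in the IpPermissions shape of
# `aws ec2 describe-security-groups`; addresses are documentation ranges.
ALL_TRAFFIC_SG = [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
SCOPED_SG = [
    {"IpProtocol": "udp", "FromPort": 500, "ToPort": 500,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "udp", "FromPort": 4500, "ToPort": 4500,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
]
ONLY_IKE_SG = SCOPED_SG[:1]  # UDP 4500 (NAT-T) rule forgotten

REQUIRED_UDP_PORTS = (500, 4500)  # the two ports named in the reply above


def _covers(perm, port, peer):
    """Return the CIDRs in this rule that admit UDP `port` from `peer`."""
    proto = perm.get("IpProtocol")
    if proto not in ("udp", "17", "-1"):  # "-1" means all protocols
        return []
    if proto != "-1" and not (perm.get("FromPort", -1) <= port <= perm.get("ToPort", -1)):
        return []
    return [r["CidrIp"] for r in perm.get("IpRanges", [])
            if peer in ipaddress.ip_network(r["CidrIp"], strict=False)]


def audit_ipsec_ingress(ip_permissions, peer_ip):
    """Report required ports the peer cannot reach and rules wider than the peer."""
    peer = ipaddress.ip_address(peer_ip)
    missing, too_broad = [], set()
    for port in REQUIRED_UDP_PORTS:
        cidrs = [c for perm in ip_permissions for c in _covers(perm, port, peer)]
        if not cidrs:
            missing.append(port)
        # A source wider than one host exposes the responder to more than the peer.
        too_broad.update(c for c in cidrs
                         if ipaddress.ip_network(c, strict=False).num_addresses > 1)
    return {"missing_ports": missing, "too_broad": sorted(too_broad)}


if __name__ == "__main__":
    for name, sg in [("all-traffic", ALL_TRAFFIC_SG), ("scoped", SCOPED_SG),
                     ("ike-only", ONLY_IKE_SG)]:
        print(name, audit_ipsec_ingress(sg, "203.0.113.10"))
```

An "All Traffic" group passes the port check but is reported as too broad when its source is wider than the peer; only IPv4 `IpRanges` entries are inspected here.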