Pfsense on AWS IPsec



  • Hello,

    I'm using pfSense on AWS; I installed it from the Marketplace. I'm trying to bring up a VPN with my other pfSense, which sits at the company, but I cannot get it to work. I used OpenVPN and it worked. I would like to know who has pfSense in AWS and uses IPsec. I was researching, but I did not find any reference, only for VPC and pfSense.

    Does anyone have any idea how to establish this tunnel between two pfSense boxes, one of them in AWS?


  • Netgate

    It should be no different from setting up any IPsec endpoint behind NAT. (Set the local endpoint ID to an FQDN or the public Elastic IP. It just has to match what the other side expects it to be.)

    Also, the security group on the interface with the Elastic IP will need to pass UDP 500 and 4500 from the other side's address if you want it to be able to act in the responder role. I am not 100% sure whether ESP also needs to be passed or not. I wouldn't think so, since you know it's always going to be behind NAT.

    The IPsec logs tell you exactly what the local side doesn't like. If you are looking at the logs and see that you are receiving a negative response, look at the logs on the other side.
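    The security-group part of that advice, as an added example with the AWS CLI (this is not code from the thread or from Netgate). The peer address 203.0.113.10, the group id and the region are placeholders to replace with your own. Only UDP 500 (IKE) and UDP 4500 (NAT-T) are opened, and only from the on-premises pfSense's /32, so the AWS instance can act as responder without exposing IKE to the whole internet. Because the instance sits behind the Elastic IP's 1:1 NAT, both peers detect the NAT and encapsulate ESP inside UDP 4500, so IP protocol 50 does not need its own rule; the default allow-all egress covers the initiator role.

    ```shell
    #!/bin/sh
    # Added example, not part of the original forum post.
    # Placeholders (assumptions): SG_ID, PEER_IP, AWS_REGION.
    set -eu

    # Reject anything that is not a plain dotted-quad IPv4 address, so the /32
    # below is always a single host and never a typo that widens the rule.
    is_ipv4() {
      case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
      esac
      old_ifs=$IFS; IFS=.
      set -- $1
      IFS=$old_ifs
      [ $# -eq 4 ] || return 1
      for o in "$@"; do
        [ "$o" -le 255 ] || return 1
      done
      return 0
    }

    # Build the --ip-permissions JSON for IKE (UDP 500) and NAT-T (UDP 4500),
    # restricted to the peer's /32.
    ipsec_ingress_json() {
      peer="$1"
      printf '[{"IpProtocol":"udp","FromPort":500,"ToPort":500,"IpRanges":[{"CidrIp":"%s/32","Description":"IKE from on-prem pfSense"}]},{"IpProtocol":"udp","FromPort":4500,"ToPort":4500,"IpRanges":[{"CidrIp":"%s/32","Description":"IPsec NAT-T from on-prem pfSense"}]}]' "$peer" "$peer"
    }

    # Apply the two rules to the security group attached to the pfSense ENI
    # that holds the Elastic IP.
    authorize_ipsec_ingress() {
      sg="$1"; peer="$2"
      is_ipv4 "$peer" || { echo "not an IPv4 address: $peer" >&2; return 1; }
      aws ec2 authorize-security-group-ingress \
        --group-id "$sg" \
        --ip-permissions "$(ipsec_ingress_json "$peer")"
    }

    # Check afterwards: list the UDP rules on the group and confirm that only
    # the peer /32 appears on ports 500 and 4500.
    show_udp_rules() {
      aws ec2 describe-security-groups --group-ids "$1" \
        --query 'SecurityGroups[0].IpPermissions[?IpProtocol==`udp`]' \
        --output table
    }

    # Usage (placeholders):
    #   export AWS_DEFAULT_REGION=sa-east-1
    #   authorize_ipsec_ingress sg-0123456789abcdef0 203.0.113.10
    #   show_udp_rules sg-0123456789abcdef0
    ```

    If the peer's public address changes (dynamic IP on the company side), the /32 rule must be updated as well; in that case the pfSense side would also use an FQDN as the identifier, as the reply above suggests.
    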



  • Security group on the Elastic IP: All Traffic

    Searching the internet, I did not find anything related to pfSense in AWS providing an IPsec VPN.

    [screenshot: AWS console, sa-east-1, 2018-07-23]