<![CDATA[Ipsec site to site problem web server]]>I have a tunnel ipsec, where the remote network needs access to a web server, I can verify the rules and I made a telnet from the remote local network to the web server responds but entering by browser (chrome, mozilla, etc) don't respond.

This is my version firewall 2.3.4-RELEASE (amd64)
FreeBSD 10.3-RELEASE-p19

Any ideas?

]]>https://forum.netgate.com/topic/144282/ipsec-site-to-site-problem-web-serverRSS for NodeThu, 11 Jun 2026 12:48:11 GMTTue, 18 Jun 2019 17:40:57 GMT60<![CDATA[Reply to Ipsec site to site problem web server on Tue, 25 Jun 2019 10:37:09 GMT]]>@runaway19 said in Ipsec site to site problem web server:

The web server network is internal, not public.

My question was, how do you try to access it?
By its public hostname or by its public IP or by its internal hostname or IP?

]]>https://forum.netgate.com/post/850153https://forum.netgate.com/post/850153Tue, 25 Jun 2019 10:37:09 GMT<![CDATA[Reply to Ipsec site to site problem web server on Mon, 24 Jun 2019 15:01:51 GMT]]>@runaway19
Try to start tcpdump during the connection and show what is happening at this moment

]]>https://forum.netgate.com/post/849992https://forum.netgate.com/post/849992Mon, 24 Jun 2019 15:01:51 GMT<![CDATA[Reply to Ipsec site to site problem web server on Mon, 24 Jun 2019 14:59:12 GMT]]>Apply that change and the problem still persists.

]]>https://forum.netgate.com/post/849990https://forum.netgate.com/post/849990Mon, 24 Jun 2019 14:59:12 GMT<![CDATA[Reply to Ipsec site to site problem web server on Sat, 22 Jun 2019 12:25:30 GMT]]>@runaway19

Hey
try reducing the MSS value

VPN/IPsec/Advanced Settings

for example

b7dd8fa3-2cde-42f4-bc1b-eb2da6a6315b-image.png

]]>https://forum.netgate.com/post/849713https://forum.netgate.com/post/849713Sat, 22 Jun 2019 12:25:30 GMT<![CDATA[Reply to Ipsec site to site problem web server on Fri, 21 Jun 2019 15:13:51 GMT]]>nobody knows?

]]>https://forum.netgate.com/post/849586https://forum.netgate.com/post/849586Fri, 21 Jun 2019 15:13:51 GMT<![CDATA[Reply to Ipsec site to site problem web server on Wed, 19 Jun 2019 12:23:15 GMT]]>@viragomann said in Ipsec site to site problem web server:

By the web servers public host name?
You have to add a DNS override on the remote site for this host name, pointing to its local IP address.

Thanks for your answer. The web server network is internal, not public.

]]>https://forum.netgate.com/post/849247https://forum.netgate.com/post/849247Wed, 19 Jun 2019 12:23:15 GMT<![CDATA[Reply to Ipsec site to site problem web server on Tue, 18 Jun 2019 19:54:55 GMT]]>@runaway19 said in Ipsec site to site problem web server:

but entering by browser (chrome, mozilla, etc) don't respond.

By the web servers public host name?
You have to add a DNS override on the remote site for this host name, pointing to its local IP address.

]]>https://forum.netgate.com/post/849146https://forum.netgate.com/post/849146Tue, 18 Jun 2019 19:54:55 GMT