Netgate Discussion Forum

    Add pfsense ipsec route to AWS

      kevin9033

      Hi Team,

      We have configured IPsec between pfSense and an AWS server. We can see the tunnel is connected.

      When we tried to ping or access the remote network over IPsec, the traffic was not passing through IPsec.

      pfSense network: 10.3.4/24 and AWS: 172.17.0.0/24
      In the ipsec statusall output there is no route for the IPsec tunnel on pfSense. How do I add a static route on pfSense from the command line?

      Is there any command which we can use for troubleshooting IPsec?

      It's a bit urgent.
      Thanks,
      Kal

        Konstanti @kevin9033

        @kevin9033
        Hey
        Show the phase 2 settings on both sides of the tunnel

        or

        https://www.youtube.com/watch?v=c8A77HMcCgc

          kevin9033 @Konstanti

          @Konstanti Thank you so much for your reply.

          We do not have AWS access. Attaching a snapshot from pfSense.

          [attached image]

          Do we have any command to set a static route from the command line for IPsec?

          Thanks,
          Kal

            Konstanti @kevin9033

            @kevin9033
            Ok
            Then show the output of the command ipsec statusall

              kevin9033 @Konstanti

              @Konstanti

              Below is the output:
              [attached image]

                Konstanti @Konstanti

                @Konstanti
                IPsec does not use static routes. This is a non-routable type of connection. When you configure phase 2, you specify "interesting traffic" that enters the tunnel and will be encrypted.
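
The point made in the reply above, that phase 2 selectors rather than routes decide what enters the tunnel, can be checked against saved ipsec statusall output. This is an added example, not part of the original posts; the sample output is constructed in strongSwan's usual layout, and the function names, peer addresses and the 192.168.10.0/24 local network are assumptions.

```python
import ipaddress
import re

# Constructed sample in strongSwan's usual "ipsec statusall" layout (not from the thread).
SAMPLE = """\
Security Associations (1 up, 0 connecting):
        con1[1]: ESTABLISHED 12 minutes ago, 198.51.100.10[198.51.100.10]...203.0.113.20[203.0.113.20]
        con1{1}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: c1a2b3c4_i c5d6e7f8_o
        con1{1}:  AES_CBC_256/HMAC_SHA2_256_128, 0 bytes_i, 0 bytes_o, rekeying in 40 minutes
        con1{1}:   192.168.10.0/24 === 172.17.0.0/24
"""

STATE = re.compile(r"^\s*(\S+)\{(\d+)\}:\s+([A-Z]+),")
SELECTOR = re.compile(r"^\s*(\S+)\{(\d+)\}:\s+(\S.*?)\s+===\s+(\S.*)$")


def _nets(field):
    # A selector may carry a [proto/port] suffix; keep only the network part.
    return [ipaddress.ip_network(tok.split("[")[0], strict=False) for tok in field.split()]


def installed_selectors(text):
    """Return (name, local_nets, remote_nets) for every INSTALLED child SA."""
    installed, found = set(), []
    for line in text.splitlines():
        m = STATE.match(line)
        if m:
            if m.group(3) == "INSTALLED":
                installed.add(m.group(1, 2))
            continue
        m = SELECTOR.match(line)
        if m and m.group(1, 2) in installed:
            found.append((m.group(1), _nets(m.group(3)), _nets(m.group(4))))
    return found


def tunnel_for(text, src, dst):
    """Name of the installed child SA whose selectors cover src -> dst, else None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, local, remote in installed_selectors(text):
        if any(s in n for n in local) and any(d in n for n in remote):
            return name
    return None


if __name__ == "__main__":
    print(tunnel_for(SAMPLE, "192.168.10.5", "172.17.0.9"))   # inside both selectors
    print(tunnel_for(SAMPLE, "192.168.20.5", "172.17.0.9"))   # source outside phase 2
```

A None result for a source/destination pair means the packet is not "interesting traffic" for any installed phase 2 entry, so it leaves unencrypted by the normal routing table regardless of any static route.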

                  Konstanti @kevin9033

                  @kevin9033

                  Everything's fine
                  The tunnel is installed between networks

                  [attached image]

                  Check the rules on the ipsec interface of pfsense

                    kevin9033 @Konstanti

                    @Konstanti Thank you so much for your help. Earlier, the route was not getting added for IPsec in ipsec statusall. I can now see the route is listed and IPsec communication is fine.

                    Thank you so much for your help.

                    Thanks,
                    Kal

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.