IPSec tunnel to Unifi USG up but no traffic passes



  • All looks fine; the remote subnets are correctly stated, but nothing is singable from either end. Anyone know how to sort, please?



  • I haven't had much trouble going from a USG to pfSense. On the USG side, I used site-to-site, manual IPSec, (fill in settings), uncheck enable dynamic routing.



  • Dynamic routing was enabled, so I've unchecked it, but still cannot ping the LAN IP of the USG from pfSense..... Any more ideas as to where to look? I haven't got SSH access to the USG right now, but will have tomorrow I hope



  • Sorry, not sure what else to check. In my case, unchecking dynamic routing got it going.



  • Doh - there was never an issue it seems. BEWARE: unless I was doing it wrong (using defaults) you cannot test the VPN by pinging the other end from within the UI; you have to test using endpoints. Wasted hours on that one!! Netgate, is that a bug?


Log in to reply