Netgate Discussion Forum

    IPsec via IPv6 issue

      Eduardox
      last edited by Eduardox

      Hi,

      My situation:

      location 1: 192.168.1.0/24 - pfSense1 on 192.168.1.254 - DHCP for clients .100 to .199
      location 2: 192.168.2.0/24 - pfSense2 on 192.168.2.254 - DHCP for clients .100 to .199

      Working IPsec IPv4 link between both sites. All devices from location 1 can reach all devices from location 2, and the other way around also.

      Now I switched the IPsec phase 1 from IPv4 to IPv6. The phase 2 remains at IPv4 (since I use IKEv2, that is possible).

      Result: all devices from location 1 can only reach pfSense2 (not the other devices on site 2), and all devices from location 2 can only reach pfSense1 (not the other devices on site 1).

      Anyone else experienced this?

      (since I am still using IPv4 inside the tunnel as before, it's not a firewall issue)

      Thanks.

      EDIT: Update: ping works to all, but no web interfaces, so it must be an MTU issue I guess...
      EDIT: Update2: Activating MSS Clamping and lowering the MSS to 1300 bytes fixed the issue! :-)

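The size arithmetic behind the symptom in the post above (ping works, web interfaces do not, MSS clamping fixes it), as an added example that is not part of the original post: an IPv6 outer header is 20 bytes larger than an IPv4 one, so less room is left for the inner packet. The cipher suites and the 1500-byte path MTU are assumptions, since the post states neither.

```python
# Added illustration: ESP tunnel-mode size arithmetic. Cipher suites and the
# 1500-byte path MTU are assumptions; the post does not state either.
from dataclasses import dataclass

OUTER_IP_HDR = {4: 20, 6: 40}   # bytes, no IPv4 options / IPv6 extension headers
ESP_HDR = 8                      # SPI (4) + sequence number (4)
ESP_TRAILER = 2                  # pad length (1) + next header (1)
NATT_UDP = 8                     # UDP encapsulation header, only with NAT-T
INNER_IPV4_TCP = 40              # inner IPv4 header (20) + TCP header (20), no options

@dataclass(frozen=True)
class Suite:
    iv: int      # per-packet IV bytes
    block: int   # alignment required for payload + trailer
    icv: int     # integrity check value bytes

AES_CBC_SHA256 = Suite(iv=16, block=16, icv=16)   # assumed suite
AES_GCM_128 = Suite(iv=8, block=4, icv=16)        # assumed suite

def esp_packet_size(inner_len, outer_ver, suite, natt=False):
    """Size on the wire of one inner packet after ESP tunnel encapsulation."""
    padded = -(-(inner_len + ESP_TRAILER) // suite.block) * suite.block
    fixed = OUTER_IP_HDR[outer_ver] + (NATT_UDP if natt else 0) + ESP_HDR
    return fixed + suite.iv + padded + suite.icv

def max_inner_packet(path_mtu, outer_ver, suite, natt=False):
    """Largest inner packet that still fits the path MTU unfragmented."""
    fixed = OUTER_IP_HDR[outer_ver] + (NATT_UDP if natt else 0) + ESP_HDR
    room = path_mtu - fixed - suite.iv - suite.icv
    return room // suite.block * suite.block - ESP_TRAILER

def max_mss(path_mtu, outer_ver, suite, natt=False):
    """Largest TCP MSS for IPv4 traffic carried inside the tunnel."""
    return max_inner_packet(path_mtu, outer_ver, suite, natt) - INNER_IPV4_TCP

if __name__ == "__main__":
    for ver in (4, 6):
        print(f"outer IPv{ver}: max MSS {max_mss(1500, ver, AES_CBC_SHA256)}")
    for label, inner in (("ping, 84 bytes", 84), ("MSS 1460", 1500), ("MSS 1300", 1340)):
        print(label, "->", esp_packet_size(inner, 6, AES_CBC_SHA256), "bytes on the wire")
```

A path MTU below 1500 on the IPv6 side lowers these limits further; pass the measured value as `path_mtu`.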
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.