Netgate Discussion Forum

    IPSec works with no inbound rule in firewall

      fabiensch

      Hello,

      I have installed an IPSec VPN mobile client server on my pfSense.
      Access is from the WAN interface.
      I don't understand how the VPN connections work while everything is blocked in my firewall in WAN.
      I did not create a rule to allow connections and yet IPSec can be reached from the outside.

      Does IPSec bypass the firewall?

      Thanks

        A Former User @fabiensch

        @fabiensch

        'pfctl -sr' will show you all of the rules. Not everything is exposed in the GUI.

        You can look here for more from Netgate in the documentation:

        https://docs.netgate.com/pfsense/en/latest/firewall/pf-ruleset.html

          gabacho4 Rebel Alliance @fabiensch

          @fabiensch pfSense automatically adds rules to allow IPsec when you create it. The rules do not show up on the WAN interface firewall. This can be disabled so that you have to manually create the firewall rules for ESP, port 500, and port 4500. See more at:

          https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#disable-auto-added-vpn-rules

            gabacho4 Rebel Alliance @gabacho4

            @gabacho4 Sorry, use this link instead:

            https://docs.netgate.com/pfsense/en/latest/firewall/rule-methodology.html#firewall-ipsec

              fabiensch

              Everything is explained. Thank you for your answers!

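An added example, not code from the thread or from Netgate: one way to audit the loaded ruleset that `pfctl -sr` prints for inbound pass rules covering the ESP, port 500 and port 4500 traffic mentioned in the replies above. The function names, the sample rules (including their labels) and the service names matched for the ports are assumptions made for illustration.

```sh
#!/bin/sh
# Constructed sample of loaded pf rules (not captured from a real firewall).
sample_rules() {
cat <<'EOF'
block drop in log inet all label "Default deny rule IPv4"
pass in on em0 reply-to (em0 203.0.113.1) inet proto udp from any to (self) port = 500 keep state label "IPsec: Mobile - inbound isakmp"
pass in on em0 reply-to (em0 203.0.113.1) inet proto udp from any to (self) port = 4500 keep state label "IPsec: Mobile - inbound nat-t"
pass in on em0 reply-to (em0 203.0.113.1) inet proto esp from any to (self) keep state label "IPsec: Mobile - inbound esp proto"
pass out inet proto udp from (self) to any port = 500 keep state label "IPsec: Mobile - outbound isakmp"
pass in quick on em1 inet proto tcp from 192.168.1.0/24 to (self) port = 443 flags S/SA keep state label "anti-lockout rule"
EOF
}

# Read pf rules on stdin; print "service|interface|source|label" for every
# inbound pass rule that admits IKE (udp/500), NAT-T (udp/4500) or ESP.
ipsec_pass_rules() {
  awk '
    $1 != "pass" || $2 != "in" { next }
    {
      iface = ""; proto = ""; src = ""; port = ""; label = ""; seen_to = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "label") break               # stop before the free-text label
        if ($i == "on" && iface == "")    iface = $(i + 1)
        if ($i == "proto" && proto == "") proto = $(i + 1)
        if ($i == "from" && src == "")    src = $(i + 1)
        if ($i == "to") seen_to = 1
        # only a port that follows "to" is a destination port
        if (seen_to && $i == "port" && $(i + 1) == "=") port = $(i + 2)
      }
      if (match($0, /label "[^"]*"/))
        label = substr($0, RSTART + 7, RLENGTH - 8)
      svc = ""
      # pfctl may print service names instead of numbers (names assumed here)
      if (proto == "esp") svc = "ESP"
      else if (proto == "udp" && (port == "500" || port == "isakmp")) svc = "IKE"
      else if (proto == "udp" && (port == "4500" || port == "sae-urn" || port == "ipsec-nat-t")) svc = "NAT-T"
      if (svc != "") printf "%s|%s|%s|%s\n", svc, iface, src, label
    }'
}

# Demo on the constructed sample; on the firewall: pfctl -sr | ipsec_pass_rules
sample_rules | ipsec_pass_rules
```

A source of `any` in the output means the service is reachable from the whole Internet on that interface, which is what a mobile-client setup needs but is worth confirming against what the GUI shows.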
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.