AWS IPsec no connection (Status / IPsec / Overview) missing SA entries
-
Hi, I'm trying to set up an additional IPsec connection to AWS with my high availability pfSense with 8 interfaces and several Virtual IPs (WAN interface 2 Virtual IPs).
What is noticeable is that under "Status / IPsec / Overview" the AWS configuration is the only one that shows "NAT-T" and the SA entries (Phase 2) cannot be seen there at all like with the other connections.
The worst part is that with a "Zyxel USG40" it works right away.
I am very grateful for every idea.
Version: 2.4.5-RELEASE-p1 (amd64)
-
Hi, the error was found and corrected in the VPN configuration on the AWS side.
The pfSense LAN subnet is entered there under "Local IPv4 Network Cidr".
The VPC subnet must be entered under "Remote IPv4 Network Cidr".

AWS -> "VIRTUAL PRIVATE NETWORK (VPN)" -> "Site-to-Site VPN Connections":
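
The field assignment described in the reply above can be checked mechanically. This is an added example, not part of the original posts or of pfSense/AWS tooling; the function name and all subnets are constructed placeholders, and the two AWS values are assumed to be copied by hand from the VPN connection's settings.

```python
import ipaddress


def check_aws_selectors(pfsense_lan, vpc_subnet, aws_local_cidr, aws_remote_cidr):
    """Compare the two AWS VPN connection CIDR fields with the expected subnets.

    Per the thread: "Local IPv4 Network Cidr" must hold the pfSense LAN subnet,
    "Remote IPv4 Network Cidr" must hold the VPC subnet.
    Returns (status, findings); status is "ok", "swapped" or "mismatch".
    """
    # strict=False so an address with host bits (192.168.10.1/24) is normalised
    def net(value):
        return ipaddress.ip_network(value, strict=False)

    lan, vpc = net(pfsense_lan), net(vpc_subnet)
    local, remote = net(aws_local_cidr), net(aws_remote_cidr)

    if (local, remote) == (lan, vpc):
        return "ok", []
    if (local, remote) == (vpc, lan):
        # "Local" is easy to read as "the AWS side" when editing in the AWS console
        return "swapped", ["Local and Remote IPv4 Network Cidr are reversed"]

    findings = []
    if local != lan:
        findings.append(f"Local IPv4 Network Cidr is {local}, expected pfSense LAN {lan}")
    if remote != vpc:
        findings.append(f"Remote IPv4 Network Cidr is {remote}, expected VPC {vpc}")
    return "mismatch", findings


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread
    PFSENSE_LAN = "192.168.10.0/24"
    VPC_SUBNET = "10.20.0.0/16"
    for local, remote in [
        ("192.168.10.0/24", "10.20.0.0/16"),  # as described in the reply
        ("10.20.0.0/16", "192.168.10.0/24"),  # fields reversed
        ("192.168.10.0/24", "10.20.1.0/24"),  # wrong VPC range
    ]:
        print(local, remote, check_aws_selectors(PFSENSE_LAN, VPC_SUBNET, local, remote))
```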