Netgate Discussion Forum

    Multiple IPSEC VPN Tunnels work but new one doesn't...

    • trusttech
      last edited by trusttech

      Hey Gang!

      Big fan of the pfSense platform and could really use some help from the community.

      I have a client with one main office with several satellites.

      The main office (site A) is running a Netgate XG-7100 DT (with 32GB storage and 8GB memory) and the sister office (site B) is running a Netgate XG-7100 DT (with 32GB storage and 8GB memory) as well. They both run FiOS business with gigabit service and are connected via IPSEC VPN. All appliances are running the latest 21.2 release of pfSense.

      They have been expanding quickly and hiring remote workers so I configured site A for OpenVPN and a handful of remote workers are connecting via Viscosity VPN software. They added another small office (site C) and I installed a Netgate SG-3100 to connect to Site A via IPSEC VPN and it works great.

      THEN…

      Site B had an additional FiOS installation (separate from site B original) to support another office on the other site of the property so I'll refer to this as Site B1 and Site B2 to distinguish between the two separate services.

      I installed another Netgate SG-3100 for Site B2 and while I have internet connectivity, I can't get the IPSEC VPN to work between Site A and Site B2. I verified with Verizon that there are no ports being blocked on business service.

      I could understand messing up the IPSEC config and not having it work, but I already have several connections running and am using the SAME EXACT setup for Site B2 (with the respective changes obviously) but can't get it to work. I even tried different settings (making sure they are the same on Site A and Site B2) with no luck. As far as I know, the config choices are not critical as long as they are identical on both sides (as with a network cable – pins can be whatever color you want as long as they match on both ends – standard is not relevant).

      Site A is the only one hosting multiple connections as all satellite offices, whether IPSEC or OPENVPN, go directly to it.

      I don’t understand the output from the log output respective to the IPSEC and firewall settings so I am not sure if they are telling me something I can't process. I do have an ALL PASS rule for IPSEC traffic on both sides.

      I am so frustrated… Thoughts? I can provide whatever data is needed to help.

      Thanks so much for taking the time to read this. I really appreciate your input.

      Marc

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.