Problem with AH Packets in Bridged Mode Filtering
I have the following setup to connect offices to our main office:
Main-Net – Router cisco 2811 ---- Firewall -----Internet ------ Router Cisco 1812 ---- Office-Net
...and everything works fine.
The tunnel is ipsec encrypted.
For security reasons I want to do the following:
Main-Net -- Router cisco 2811 ---- Firewall -----Internet ------ pfsense with transp. FW ---- Router Cisco 1812 ---- Office-Net
Now my problem:
The tunnel comes up. "show crypto session" says "Up Active"
The pfsense Firewall-Log stays quiet.
Incoming AH packets are forwarded, but manipulated.
The Identification header changed from 0x1b3 to 0x9a4 (in IP)
These packets are ignored by the router, so no communication is possible.
Every other bit in the packet is the same (excluding checksums)
Deactivating packet filtering solves the problem (but that is not what I want to do).
Please help me to fix this problem.
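As an added illustration (not part of the post): RFC 4302 computes the AH ICV over the outer IP header with only its mutable fields zeroed, and Identification is an immutable field, so a device that rewrites the IP ID (as observed above) invalidates the ICV, while a normal TTL decrement does not. The HMAC key, addresses, SPI and payload below are constructed for the example.

```python
import hmac
import hashlib
import struct

# Constructed sample values (not from the post): HMAC-SHA1-96 key and a dummy inner payload.
KEY = bytes(range(20))
PAYLOAD = b"constructed inner packet for the AH example"
AH_LEN = 24  # AH header with a 96-bit ICV

def ipv4_header(ident, ttl, proto=51):
    """20-byte IPv4 header; checksum left 0 since AH zeroes it anyway."""
    total = 20 + AH_LEN + len(PAYLOAD)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, ident, 0x4000, ttl,
                       proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))

def zero_mutable(ip_hdr):
    """RFC 4302 3.3.3.1: zero DSCP/ECN, flags+offset, TTL and checksum before
    hashing. Identification is immutable, so it stays in the hashed bytes."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)

def ah_header(icv, spi=0x1000, seq=1):
    # next header 4 = IP-in-IP (tunnel mode); payload len = 24/4 - 2 = 4 words
    return struct.pack("!BBHII", 4, 4, 0, spi, seq) + icv

def compute_icv(ip_hdr, payload):
    data = zero_mutable(ip_hdr) + ah_header(b"\x00" * 12) + payload
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]  # SHA1-96 truncation

def build_packet(ident, ttl):
    ip_hdr = ipv4_header(ident, ttl)
    return ip_hdr + ah_header(compute_icv(ip_hdr, PAYLOAD)) + PAYLOAD

def verify_packet(pkt):
    """Receiver-side check: True only if the ICV covers the packet as received."""
    ip_hdr, ah, payload = pkt[:20], pkt[20:20 + AH_LEN], pkt[20 + AH_LEN:]
    return hmac.compare_digest(ah[12:], compute_icv(ip_hdr, payload))

def rewrite_ident(pkt, new_ident):
    """Simulate a middlebox rewriting the IP Identification field (bytes 4-5)."""
    return pkt[:4] + struct.pack("!H", new_ident) + pkt[6:]

def decrement_ttl(pkt):
    """Simulate a normal hop: TTL (byte 8) minus one, a mutable field."""
    return pkt[:8] + bytes([pkt[8] - 1]) + pkt[9:]
```

On pf-based firewalls the IP ID rewrite typically comes from the scrub normalization's `random-id` option, so that setting is the first thing to check when AH packets arrive with a changed Identification field.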