<![CDATA[IPsec can not ping site B]]>Greetings to All,

I've configured the IPsec

Jun 28 17:31:30 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 440 [ ]
Jun 28 17:31:30 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:31:35 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:31:35 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 441 [ ]
Jun 28 17:31:35 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 441 [ ]
Jun 28 17:31:35 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:31:40 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:31:40 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 442 [ ]
Jun 28 17:31:40 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 442 [ ]
Jun 28 17:31:40 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:31:45 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:31:45 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 443 [ ]
Jun 28 17:31:45 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 443 [ ]
Jun 28 17:31:45 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:31:50 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:31:50 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 444 [ ]
Jun 28 17:31:50 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 444 [ ]
Jun 28 17:31:50 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:31:55 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:31:55 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 445 [ ]
Jun 28 17:31:55 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 445 [ ]
Jun 28 17:31:55 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:00 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:00 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 446 [ ]
Jun 28 17:32:00 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 446 [ ]
Jun 28 17:32:00 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:05 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:05 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 447 [ ]
Jun 28 17:32:05 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 447 [ ]
Jun 28 17:32:05 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:10 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:10 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 448 [ ]
Jun 28 17:32:10 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 448 [ ]
Jun 28 17:32:10 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:15 	charon 		11[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:15 	charon 		11[ENC] <con1000|1> parsed INFORMATIONAL request 449 [ ]
Jun 28 17:32:15 	charon 		11[ENC] <con1000|1> generating INFORMATIONAL response 449 [ ]
Jun 28 17:32:15 	charon 		11[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:20 	charon 		10[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:20 	charon 		10[ENC] <con1000|1> parsed INFORMATIONAL request 450 [ ]
Jun 28 17:32:20 	charon 		10[ENC] <con1000|1> generating INFORMATIONAL response 450 [ ]
Jun 28 17:32:20 	charon 		10[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:25 	charon 		10[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:25 	charon 		10[ENC] <con1000|1> parsed INFORMATIONAL request 451 [ ]
Jun 28 17:32:25 	charon 		10[ENC] <con1000|1> generating INFORMATIONAL response 451 [ ]
Jun 28 17:32:25 	charon 		10[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)
Jun 28 17:32:30 	charon 		10[NET] <con1000|1> received packet: from 1x.20x.9.2x[500] to 1xx.2x.1x.2x[500] (80 bytes)
Jun 28 17:32:30 	charon 		10[ENC] <con1000|1> parsed INFORMATIONAL request 452 [ ]
Jun 28 17:32:30 	charon 		10[ENC] <con1000|1> generating INFORMATIONAL response 452 [ ]
Jun 28 17:32:30 	charon 		10[NET] <con1000|1> sending packet: from 1xx.2x.1x.2x[500] to 1x.20x.9.2x[500] (80 bytes)

Interface of My LAN Subnet is 172.16.1xx.0/20
Interface of IPSEC : 192.168.xxx.xxx/30

In phase-2 , I have added my LAN subent in
Local Area Network : 172.16.1xx.0/20
NAT/BINAT translation: 192.168.xxx.xxx/30

When Im trying to ping 192.168.xxx.2/32

Unable to ping network nor I'm able to trace that remote IP. IPsec status is showing connected but phase-2 0 bytes in/out .

Rule in IPSEC:

-ipsec-rule.png

Rule in LAN:

Screenshot_2021-06-28 pfSense local landomain - Firewall Rules LAN.png
Do I need to add any other rule as well?

Regards

]]>https://forum.netgate.com/topic/164723/ipsec-can-not-ping-site-bRSS for NodeThu, 16 Apr 2026 02:23:27 GMTMon, 28 Jun 2021 12:53:16 GMT60<![CDATA[Reply to IPsec can not ping site B on Tue, 29 Jun 2021 04:29:24 GMT]]>@scorpoin Try to change the LAN rule to "any any" to include icmp in your rule. Ping is icmp.

]]>https://forum.netgate.com/post/989858https://forum.netgate.com/post/989858Tue, 29 Jun 2021 04:29:24 GMT