IPSec Remote Desktop Connection failing to Domain Controller
Just getting pfSense set up, and so far I only have the default firewall rules configured along with a few port forwards to a web server. That is all working perfectly so far. However, I cannot open an RDP session to, or ping, the primary domain controller over the IPSec or OpenVPN tunnel. I can ping and RDP into any other machine on either interface over VPN.
I have two Windows 2019 Server domain controllers setup on the LAN network. I have the following interfaces configured:
I am allowing all TCP, ICMP, and UDP traffic on LAN & IPSec interfaces.
The Windows Firewall is configured to allow Remote Desktop connections for the Domain, Private, and Public networks.
I can do the following:
Home->VPN->LAN->RDP 172.31.0.6 (DC2)
Home->VPN->LAN->RDP 172.31.0.6 (DC2) -> RDP 172.31.0.5 (DC1)
Home->VPN->LAN->Ping 172.31.0.6 (any other network devices on LAN)
Home->VPN->OPT1->RDP 10.10.0.10 (Blue Iris Server)
If I port forward 3389 on the WAN:
Home->WAN->RDP 172.31.0.5 (DC1) also works, but don't want to leave the port open. I currently have a rule to only allow from my IP address.
So the .0.5 domain controller will accept RDP sessions via the WAN or LAN. It will not respond to pings or RDP sessions over the IPSec tunnel. I have also configured an OpenVPN tunnel and got the same results. VPN works as expected to all other devices on the network. This was working on a SonicWall TZ215 over an L2TP VPN that I am replacing.
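Since the .0.5 host answers on the LAN and WAN but not from the tunnel, the checks worth running are on that host itself: which firewall profile its NIC landed in, the remote-address scope of the inbound RDP and ICMP rules, and where its return traffic for the VPN client subnet is routed. The script below is an added example, not part of the original post; it is run in an elevated PowerShell on the unreachable domain controller, and the VPN subnet and client address in it are placeholders to be replaced with the tunnel's real values.

```powershell
# Added diagnostic, not from the original post. Run elevated on the domain
# controller that is unreachable over the tunnel (172.31.0.5 in the post).
$VpnClientSubnet = '10.99.0.0/24'   # assumption: replace with the tunnel's client subnet
$VpnClientIp     = '10.99.0.5'      # assumption: a sample address inside that subnet

# 1. Which profile is each NIC in? A rule enabled only for Domain does nothing
#    on a NIC that Windows has placed in Public.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory

# 2. Inbound RDP and ICMPv4 rules: enabled, profiles, and remote-address scope.
#    A rule scoped to LocalSubnet matches LAN clients but not a VPN client
#    subnet that lies outside the LAN, which fits the symptom in the post.
$rules = Get-NetFirewallRule -Direction Inbound -Enabled True |
    Where-Object { $_.DisplayGroup -eq 'Remote Desktop' -or
                   $_.DisplayName -like '*ICMPv4-In*' }
foreach ($r in $rules) {
    $addr = $r | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $r.DisplayName
        Profile       = $r.Profile
        Action        = $r.Action
        RemoteAddress = ($addr.RemoteAddress -join ',')
    }
}

# 3. Default route and any explicit route for the VPN subnet. Replies to VPN
#    clients have to leave through pfSense; a default gateway still pointing at
#    the old SonicWall, or a stale static route, sends them the wrong way.
Get-NetRoute -AddressFamily IPv4 |
    Where-Object { $_.DestinationPrefix -eq '0.0.0.0/0' -or
                   $_.DestinationPrefix -eq $VpnClientSubnet } |
    Select-Object DestinationPrefix, NextHop, InterfaceAlias, RouteMetric

# 4. The route Windows would actually choose for a reply to one VPN client.
Find-NetRoute -RemoteIPAddress $VpnClientIp |
    Where-Object { $_.NextHop } |
    Select-Object DestinationPrefix, NextHop, InterfaceAlias

# 5. If dropped-packet logging is on (Set-NetFirewallProfile -LogBlocked True),
#    count RDP packets from the VPN client that the host firewall dropped while
#    a connection attempt was made from the tunnel.
$log = "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log"
if (Test-Path $log) {
    $pattern = "DROP TCP $([regex]::Escape($VpnClientIp)) \S+ \d+ 3389 "
    (Select-String -Path $log -Pattern $pattern | Measure-Object).Count
}
```

If step 2 shows the RDP or ICMP rules limited to LocalSubnet, or step 4 shows the reply leaving via a next hop other than pfSense, that explains why the LAN and WAN paths work while the tunnel path does not; a non-zero count in step 5 points at the host firewall rather than the routing.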