VPN with PFsense to Watchguard

  • I am replacing my old Watchguard III 700's with pfsense, I am only able to do one site at a time since my remote location is quite far.

    In one location (my main location) I have installed PFSENSE with 2 network cards, the box is routing well and has made IPSEC VPN connection to my remote location to the watchguard, but for some reason the watchguard cannot ping back, I have tried many settings, but I don't know what could be the issue.

    My remote location uses citrix to enter into my main location (the site with pfsense installed).  I can ping my LAN through the VPN from MiAN SITE to REMOTE but not from REMOTE to MAIN, what settings may effect this?

    Thank You,

  • Depending on the traffic rules that you have set, it sounds like you sre not allowing ICMP back accross the tunnel.

  • I opened up on the PFSENSE box ICMP and i still cannot ping the my pfsense network, I am completely confused here, I have tried different settings for the past 3 days and I just can't get the remote network to ping the PF side.  Yet the PF side VPN to the remote side seems fine.  I really like PFSENSE but I'm going to try IPCOP and see if this works.

  • not saying this will help but…..

    the reason i suggest it is that i tried absolutely everything. tunnel was up & everything looked good. but still no traffic. altered the hash (as suggested) and bang….. it went. you would have thought that if the hash was wrong, the tunnel wouldn't establish. the endpoints matched etc but no traffic would flow.
    incidently, this was a watchgaurd box with pfsense on it! the thing is solid now!