<![CDATA[VPN appears to connect but no traffic]]>Fairly new to pfSense. I'm attempting to make a IPSEC connection to a Fortigate router that is managed by a 3rd party.

The pfSense system is behind NAT (ESP protocol is configured) on a VM with its LAN on 10.3.0.0/24.

The remote Fortigate's LAN is 10.0.0.0/24.

The P1 and P2 connections appear to show connection established. However I don't see a route to 10.0.0.0/24 in the routing table of the pfSense system despite having that destination LAN declared in the P2 settings. If I try a traceroute to 10.0.0.60 (a machine I know is there) the traffic appears to go out over the WAN interface rather than being directed over the VPN.

I saw a similar post to this one where the fix was sorting out the P2 settings. But I don't think that's the issue here.

Any suggestions for how I go about diagnosing this?

Many thanks

Ken

]]>https://forum.netgate.com/topic/168340/vpn-appears-to-connect-but-no-trafficRSS for NodeSat, 18 Apr 2026 07:26:55 GMTTue, 07 Dec 2021 15:02:16 GMT60<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 14 Dec 2021 23:01:07 GMT]]>@alejjime Its on the pfSense toward the bottom of the Phase 1 page. :-)

Screenshot from 2021-12-14 22-58-57.png

]]>https://forum.netgate.com/post/1014624https://forum.netgate.com/post/1014624Tue, 14 Dec 2021 23:01:07 GMT<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 14 Dec 2021 19:08:56 GMT]]>@kens said in VPN appears to connect but no traffic:

Split Connections

Do you refer to "Split Connections" in the 3rd party firewall or in your pfSense? I have search in the setup of Phase 1 in my pfSense 2.5.2 fw, but I have not found this parameter.

]]>https://forum.netgate.com/post/1014597https://forum.netgate.com/post/1014597Tue, 14 Dec 2021 19:08:56 GMT<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 14 Dec 2021 10:51:28 GMT]]>Thank you for all the responses. It turned to be firewall policies at the 3rd party Fortigate that needed attention.

I case any one reads this in future. This configuration has several Phase 2 entries for different subnets. To make it work the setting "Split Connections" needed enabled in the Phase 1 configuration.

]]>https://forum.netgate.com/post/1014530https://forum.netgate.com/post/1014530Tue, 14 Dec 2021 10:51:28 GMT<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 07 Dec 2021 23:36:57 GMT]]>@kens When the connection attempt is made, can you see the traffic using the pfTop tool in pfSense?

]]>https://forum.netgate.com/post/1013551https://forum.netgate.com/post/1013551Tue, 07 Dec 2021 23:36:57 GMT<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 07 Dec 2021 23:30:20 GMT]]>Is this the first IPsec connection on this firewall? If so, do you have rules in place under IPsec to allow traffic over IPsec?

If it is going out over the WAN, I would still be inclined to check the P1 and P2 settings. If the P2 is established correctly, PFsense should route it automatically.

Are you using the 10.0.0.0/24 elsewhere in the system?

]]>https://forum.netgate.com/post/1013548https://forum.netgate.com/post/1013548Tue, 07 Dec 2021 23:30:20 GMT<![CDATA[Reply to VPN appears to connect but no traffic on Tue, 07 Dec 2021 15:05:48 GMT]]>@kens I should say the pfSense system is 2.5.2

I can change the pfSense system to be on a public IP if that would help

]]>https://forum.netgate.com/post/1013465https://forum.netgate.com/post/1013465Tue, 07 Dec 2021 15:05:48 GMT