[Solved] IPSec VPN client cannot be accessed from LAN

  • Hey guys,

    Here's what I have going:

    mobile client <-> internet <-> pfsense <-> lan

    The mobile client can access all servers on the network. Two-way communication is fine IF it is initiated by the mobile client. From the LAN, you cannot reach the mobile client. You can't ping its IP address, nor can you reach any of the services it's running.

    I set up Shrew Soft VPN as per the document on this site.
    I'm not seeing any drops in the real-time firewall log.
    My IPSec rule is to any-any

    Any ideas on how I can set this up to make able to access whenever it wants?


    I looked through other threads in this forum and found this link:


    "To do this, click "Static Routes" in the webGUI. Click the + to add a static route. In the Interface box, choose LAN, for destination network, enter the remote end VPN subnet, and for the gateway put in the LAN IP address of your local pfSense."

    After doing this, my LAN can initiate connections to the IPSec VPN clients.

    Here's what the static route looks like:
    Interface  Network  Gateway  Description