Ping remote connection from LAN
dalicollins last edited by dalicollins
I have a working IPsec tunnel on pfSense Plus. Remote IP is 10.3.3.1. Local LAN IP is 192.168.100.2.
What rules do I need to make a connection from the local IP to the connected IPsec tunnel IP?
Specifically I want 192.168.100.2 to be able to ping 10.3.3.1. Then I can make use of other protocols.
These are the rules I currently have set up.
Is this even possible to do? ...Anyone?
@dalicollins It is absolutely possible to ping to the other side of your tunnel.
You need a rule on your IPsec tab to allow traffic to go down your tunnel, do you have that?
Thanks for the response. The IPsec rules I show above are the only ones I set up. The second one I was hoping was the one I needed to ping the remote IP. I tried swapping the source with the destination, also tried using 10.3.3.1. How should this be set up?
@dalicollins I think your rule is associated with the wrong interface.
Currently the rule says you can ping from LAN net to 10.3.3.0/24, but the source should be IPsec, I believe.
Click the IPsec tab (top of your photo) and see what rules you have there. If you have none, then you are not allowing any of your traffic out.
In the IPsec rules, I did try source as 10.3.3.1 and then tried 10.3.3.0/24, left the rest as any and I still cannot ping from 192.168.100.26 to 10.3.3.1. But I can ping the other direction using the first IPsec rule above.
I am just trying to ping both ways. I can ping from the Windows client to the pfSense box, but not from the LAN on the pfSense box to the client. The client is on its own dynamic IP network with a small router. The router has IPsec passthrough enabled.
I added the following IPsec rule and Phase 2 Tunnel