Netgate Discussion Forum

    Communications Drop

    Routing and Multi WAN
    4 Posts 1 Posters 592 Views
    • BCS-Support

      I have set up a VPC at DigitalOcean, and I have set up a droplet in the VPC with pfSense installed. I have set up rules and have an IPsec tunnel set up between my office Cisco ASA5506 and the VPC. When no other device inside the VPC is set up to use the pfSense host as its default gateway, everything is fine. After the IPsec tunnel is up, I can ping the private IP address of the pfSense machine from my computer in my office and can ping my office computer from the diagnostic tools on the pfSense host.

      But my issue is that whenever I go into one of the other hosts in the VPC and set its default gateway to be the pfSense host, I lose all communications to everything. The IPsec tunnel drops, and the web connection to the public web interface of the pfSense host drops. Nothing.

      All I can do is reboot all devices and get back to where I was.

      Any suggestions?

      Thanks from Confused.

      • BCS-Support @BCS-Support

        After further testing, I found the following:

        Even if the IPsec tunnel is not connected, the communications to the entire system will fail when one of the other droplets inside the VPC is set to use the pfSense host as the gateway.

        • BCS-Support @BCS-Support

          When I run netstat on the pfSense machine, it does not look like the local host of 192.168.10.3 is set up to be a gateway.

          • BCS-Support

            After further testing, I have determined that the VPN tunnel did not fail.

            I created a new tunnel to a different location.

            I connected the IPsec tunnel between the two locations and did a test ping to the pfSense server's private IP address (192.168.10.3); it works.
            I connected to another host on the VPC network at DO, set its default gateway to 192.168.10.3, and was able to ping it from the remote host of 192.168.0.2. The constant ping has been running for 2 hours now.

            But I did determine that when the initial site-to-site tunnel was connected, I lost communications to the public IP address of the pfSense host at DO from my local computer (not part of the current VPN tunnel). And from the local VPN site, I cannot open the private IP address of the pfSense host through the VPN tunnel (https://192.168.10.3). But I can ping the host of 192.168.10.3.

            I have a setting wrong someplace. Any suggestions?

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.