IPSEC - Not passing traffic on 1 site to site config
-
Hello
I have a pfsense box with CE V2.7.2 installed
The box has multiple Site to Site VPNs configured, all the connections to other pfsense boxes work great, no problems
However, I also have 1 VPN connection to a Unifi box which fails to work.
The VPN is established for both Phase 1 and 2 – however it will not pass traffic
I have been advised the Unifi box is configured to allow traffic through its IPSec connection.
Reviewing the pfsense IPsec log I can see all the pfsense connections are passing 80 bytes
Feb 26 07:07:49 charon 64176 10[NET] <con3|5> received packet: from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500] (80 bytes)
Whereas the Unifi connection is passing 96 bytes
Feb 26 08:10:37 charon 64176 06[NET] <con1|3> received packet: from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500] (96 bytes)
Is this normal?
Could this be the reason why traffic isn’t being passed, i.e. fragmentation?
Any suggestions as to possible causes would be appreciated
Thank you