Netgate Discussion Forum

    IPsec IPv6, no incoming packets on both sides

      martinez

      Hello everyone,

      I'm asking for your attention regarding my problem because, despite digging, I haven't been able to resolve the following:

      • One of my sites has IPv6 + CGNAT internet access, and the other has IPv4 + IPv6. The networks I want to route between this site and the "hub" router are IPv4.
      • The firewalls on each side are pfSense.
      • The tunnel runs between the two firewalls (phase 1 and 2).
      • From the IPsec monitoring, I can clearly see outgoing traffic when I ping a device on the other end.
      • On neither side do I see any incoming traffic in the IPsec monitoring (0 packets).
      • The firewall rules for IPsec are well defined.

      In short, I'm having a nightmare.

      In terms of logs, I have nothing to suggest there's a problem with IPsec.
      And at the network level, I should at least see incoming packets on the IPsec monitoring.

      I've thoroughly examined the VPN troubleshooting section of the Netgate documentation, and as for my specific situation...

      A little help wouldn't be amiss. Any ideas?

      The "hub" part runs on a VM on Azure. It is impossible to assign a public IPv6 address, so a DNAT (1:1) is automatically created, and this cannot be circumvented. Could the problem come from NAT-T?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.