VPN Traffic Rule

  • Hello,

    I have a VPN setup with IPsec from a server outside a network with pfsense to our sonicwall. The VPN works great, and is connected just fine.  Anyways, there is a problem where i cannot see the network that the pfsense is on.  I have a rule setup that disallows all traffic, but i have my rules setup to allow traffic.  What rule do i need to setup to allow my network behind the sonicwall see the network with the pfsense on it?

  • One that allows it - before the default block.

    If you're uncertain, posting a screenshot of the IPsec interface's rules will allow others to see what's wrong (assuming you provide the IP range that you're using for IPsec and the LAN).

  • Everything works fine if i just block all TCP connections, but i want to block All connections by default.  I cannot figure out what i am missing to allow it through.  Maybe you can take a look at the rules here, and see if i am missing one.

  • Rebel Alliance Developer Netgate

    The only rules that matter to the IPsec tunnel are on the IPsec tab, and there you have an allow all rule.

    What exactly is it that you are trying to accomplish? You're contradicting yourself saying you want to block all connections and still "see" the remote network. You have to allow something or the far side of that tunnel will never be able to get back into the network behind pfSense.

    What do you need to be able to do that you can't do with the rules you have?

Log in to reply