Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPSec VPN with Cisco PIX

    IPsec
    1
    1
    2197
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mtoadmin last edited by

      Hi,

      First of all, thanks for pfSense which the best opensource Firewall we've seen to date. ;D

      I've setup VPN tunnels with 3 PIX without any problem. After 24h(phase one lifetime), the tunnels were all dead.
      To solve this, we had to open port 500 on the pfsense on the WAN interface.
      The question is: why isn't there an implied rule for inbound isakmp ? after all, there must be one which is implied for ipsec.

      2nd question strange behaviour: the firewall logs a drop "TCP 500" when actually the correct entry should have been "UDP 500".
      We've seen this also with NTP which is logged as TCP 123 when is should have been just UDP 123 in our case.

      note: version in use is pfSense 1.0.1

      tx

      mtoadmin

      1 Reply Last reply Reply Quote 0
      • First post
        Last post