Netgate Discussion Forum

    Draytek - pfSense established but no traffic

    IPsec
    3 Posts 2 Posters 3.3k Views
    • cjking

      Hi,
      I have managed to connect a Draytek Vigor 2820 using lan-to-lan with pfSense, but cannot get any traffic to pass through it. TCPDUMP shows there is traffic going in and out of pfSense.

      When pinging a host from a NAT machine on the pfSense side:
      16:23:22.272130 IP (pfsense) > (office): AH(spi=0x1ba4eac7,seq=0x9f): IP 10.1.6.4 > 192.168.111.1: ICMP echo request, id 34350, seq 8, length 64 (ipip-proto-4)
      When pinging a host from a NAT machine in the office:
      16:24:37.185381 IP (office) > (pfsense): AH(spi=0x058e938a,seq=0x3d2): IP 192.168.111.40 > 10.1.5.200: ICMP echo request, id 24836, seq 1, length 64 (ipip-proto-4)

      I see no replies when pinging, and similar tcpdump traffic when attempting to connect to any TCP ports but no successful connection.
      I have an allow all rule on the IPSec tab of the firewall rules - am I missing anything else?

      Chris.

      • cjking

        Solved - I was using AH in phase 2. Changed to ESP and everything worked fine.

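An added example, not part of the original thread: a Python script that reads tcpdump lines in the format posted above, reports whether each SPI is carrying AH or ESP in phase 2, and lists ICMP echo requests that never received a reply. The first two sample lines are the ones from the post, the third (ESP) line is constructed, and all function names are hypothetical.

```python
import re

# Sample input: two lines copied from the post (outer hosts are the post's own
# placeholders) plus one constructed ESP line in tcpdump's usual format.
SAMPLE = """\
16:23:22.272130 IP (pfsense) > (office): AH(spi=0x1ba4eac7,seq=0x9f): IP 10.1.6.4 > 192.168.111.1: ICMP echo request, id 34350, seq 8, length 64 (ipip-proto-4)
16:24:37.185381 IP (office) > (pfsense): AH(spi=0x058e938a,seq=0x3d2): IP 192.168.111.40 > 10.1.5.200: ICMP echo request, id 24836, seq 1, length 64 (ipip-proto-4)
16:30:01.000001 IP (pfsense) > (office): ESP(spi=0x0a0b0c0d,seq=0x1), length 132
"""

# Outer header, IPsec protocol with SPI/sequence, and (for AH only, where the
# payload is not encrypted) the inner packet that tcpdump decodes.
LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<osrc>\S+) > (?P<odst>\S+): "
    r"(?P<proto>AH|ESP)\(spi=(?P<spi>0x[0-9a-f]+),seq=(?P<seq>0x[0-9a-f]+)\)"
    r"(?:: IP (?P<isrc>\S+) > (?P<idst>[^:\s]+): (?P<inner>.*))?"
)
ICMP = re.compile(r"ICMP echo (request|reply), id (\d+), seq (\d+)")

def parse(text):
    """Return one dict per IPsec packet line; non-matching lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        rec = m.groupdict()
        icmp = ICMP.search(rec["inner"] or "")
        rec["echo"] = icmp.groups() if icmp else None  # (kind, id, seq)
        records.append(rec)
    return records

def phase2_protocols(records):
    """Map each SPI to the phase 2 protocol (AH or ESP) seen on the wire."""
    return {r["spi"]: r["proto"] for r in records}

def unanswered_echoes(records):
    """Echo requests with no reply (same id/seq, inner addresses swapped)."""
    replies = {(r["isrc"], r["idst"], r["echo"][1:]) for r in records
               if r["echo"] and r["echo"][0] == "reply"}
    return [(r["isrc"], r["idst"]) for r in records
            if r["echo"] and r["echo"][0] == "request"
            and (r["idst"], r["isrc"], r["echo"][1:]) not in replies]

if __name__ == "__main__":
    recs = parse(SAMPLE)
    for spi, proto in phase2_protocols(recs).items():
        print(spi, proto)
    for src, dst in unanswered_echoes(recs):
        print("no reply:", src, "->", dst)
```
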
        • jockwatson

          Hi,

          Would you share what configuration you used? I'm struggling with a 2800 at the moment.

          Cheers!

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.