4. Draytek - pfSense established but no traffic

Draytek - pfSense established but no traffic

  • C

    Hi,
    I have managed to connect a Draytek Vigor 2820 using lan-to-lan with pfSense, but cannot get any traffic to pass through it. TCPDUMP shows there is traffic going in and out of pfSense.

    When pinging a host from a NAT machine on the pfSense side:
    16:23:22.272130 IP (pfsense) > (office): AH(spi=0x1ba4eac7,seq=0x9f): IP 10.1.6.4 > 192.168.111.1: ICMP echo request, id 34350, seq 8, length 64 (ipip-proto-4)
    When pinging a host from a NAT machine in the office:
    16:24:37.185381 IP (office) > (pfsense): AH(spi=0x058e938a,seq=0x3d2): IP 192.168.111.40 > 10.1.5.200: ICMP echo request, id 24836, seq 1, length 64 (ipip-proto-4)

    I see no replies when pinging, and similar tcpdump traffic when attempting to connect to any TCP ports but no successful connection.
    I have an allow all rule on the IPSec tab of the firewall rules - am I missing anything else?

    Chris.

    0
  • C

    Solved - I was using AH in phase 2. Changed to ESP and everything worked fine.

    0
  • J

    Hi,

    would you share what configuration you used, I'm struggling with a 2800 at the moment?

    Cheers!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy