4. Another ipsec up but no traffic pfsense to pfsense

Another ipsec up but no traffic pfsense to pfsense

  • J

    i have an ipsec tunnel up from my house to a friends house pfsense 2.0rc1 to pfsense 2.0rc1 and it works great!

    however setting up a tunnel from my house to the office pfsense 2.0rc1 to pfsense 2.0rc1 the connection goes up but i am unable to ping through the tunnel
    I have set up a pass all rule on the ipsec firewall tab (not just tcp but all).

    the network looks like this.

    myhouse:
    cable modem > pfsense > network 192.168.1.1/24
    office:
    cable modem > pfsense > network 192.168.0.1/24

    if i do a packet capture of the ipsec interfaces on both pfsense boxes and ping from my laptop on my home network to the remote pfsense box (or any pc on that network) i get the following response

    my home pfsense box:

    
19:18:30.834293 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 0, length 64
19:18:31.836629 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 1, length 64
19:18:32.846622 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 2, length 64
19:18:33.856629 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 3, length 64
19:18:34.866650 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 4, length 64
19:18:35.876658 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 5, length 64
19:18:36.886665 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 6, length 64
19:18:37.896673 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 7, length 64
19:18:38.906685 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 8, length 64
19:18:39.916698 (authentic,confidential): SPI 0x0b5c4d16: IP 192.168.1.1 > 192.168.0.1: ICMP echo request, id 27572, seq 9, length 64

    office pfsense box:

    and it looks the same if i ping from the office to my home as well nothing shows up on the other end

    if i was diagnosing this my first question would be "do you have an ipsec firewall rule" but i do on both boxes the firewall rule is attached.

    any ideas? anything else to try? anymore information needed?
    ![Screen shot 2011-03-03 at 7.33.58 PM.png_thumb](/public/imported_attachments/1/Screen shot 2011-03-03 at 7.33.58 PM.png_thumb)
    ![Screen shot 2011-03-03 at 7.33.58 PM.png](/public/imported_attachments/1/Screen shot 2011-03-03 at 7.33.58 PM.png)

    0
  • J

    anyone?  ;D

    0
  • P

    The code box for the office pfsense is empty. Does it mean nothing is seen on the capture?

    0
  • J

    sure does nothing shows up at all

    0
  • P

    What is the exact command you've used to capture traffic?

    0
  • J

    i just used the gui

    0
  • E

    Hi,
    Can you take a SS of both of your configs or write them out here?
    Sounds like its probably a subnet thing or possibly another problem.
    Also.. Are there any errors in the logs under the Status->System Logs -> IPsec section?

    -E

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy