Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Mobile User IPSec, connect but no packets?

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      josecanuc
      last edited by

      As my office firewall, I am testing pfSense 2.0-RC1 (i386), built on Tue Apr 19 23:38:23 EDT 2011.

      I have two netgate routers with pfSense 1.2.3 installed on them that I send out with my colleagues to provide a temporary IPSec tunnel back to the office from wherever they are. The Mobile user VPN has made this very easy.

      However, with 2.0-RC1 I can't seem to get any packets to transfer between the main and remote routers, even though it appears that the tunnel is up. When I set up a "normal" tunnel on both endpoints (i.e., not "Mobile client" on the main router), then traffic flows freely.

      I've tried to search for this issue in the forums but didn't come across anything that seemed just like mine, though one that did seemed to note that it was a known problem, but I can't find it anywhere else mentioned on the forum or in the bug tracker.

      Is this something that anyone else is seeing?

      I can make it work with the non-Mobile clients, but it was nice to not have to determine the remote IP address and update the phase1 entry each time my colleagues moved to a different location.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Not sure what the issue might be with the mobile tunnel deal, but you don't have to update the IP like that. Setup dyndns on the remote site and refer to it by hostname instead of IP address. That will update automatically and reconnect even when the IP changes. (Provided that the dyndns client on the remote side updates properly, of course…)

        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          josecanuc
          last edited by

          @jimp:

          Setup dyndns on the remote site and refer to it by hostname instead of IP address. That will update automatically and reconnect even when the IP changes. (Provided that the dyndns client on the remote side updates properly, of course…)

          Good idea. Works great!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.