1. Home
  2. pfSense® Software
  3. IPsec
  4. Anyway to verify outgoing packets are going across the IPSec tunnel

Anyway to verify outgoing packets are going across the IPSec tunnel

  • D

    Hey guys. Today I had to change IP addresses on the DMZ network at one of our branch offices. This particular network has several (around 7) IPSec connections. So I had to modify the source network on these tunnels and had to request the IT staff of our customer connection do the same on their end.

    Everything appears to be okay, and the IPSec tunnels are all up and green in terms of status. However, traffic isn't getting across. I can verify that the packets are entering my DMZ interface, but that is as far as I get.

    Is there anyway to verify that a particular packet is being encapsulated in an IPSec frame and sent out?

    Thanks. This one has me stumped and, at the very least, I'd like to determine if it's our end or their end.

    0
  • jimp
    Rebel Alliance Developer Netgate

    You can run tcpdump on the enc0 interface to see what is coming and going in terms of IPsec traffic. No way to do that from the GUI in 1.2.3, if you're on a 2.0 snapshot you should be able to do that from Diagnostics > Packet Capture.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy