Enc0 not routing traffic

  • Hi everyone,

    I have set up an IPSec tunnel between a PFsense 2.0-RC1 and an IPCop.

    The tunnel is marked as UP on both sides

    From the network beyond the IPCop, I can ping every single machine beyond the PFSense.
    From the network beyond the PFSense, I can't ping machines beyond the IPCop.

    What gives me trouble is:
      * IPCop side, I have an ipsec interface, with an IP address and a route to the other side of the IPSec tunnel
      * PFSense side, I have an enc0 interface, without an IP address and no trace of a route in the routing tables to the IPCop side:


    # ifconfig
    ipsec0    Link encap:Ethernet  HWaddr MA:CA:DD:RE:SS:00  
                  inet addr:public ip address  Mask:
                  UP RUNNING NOARP  MTU:16260  Metric:1
    # ip route list
    LAN ADDRESS PFSIDE/24 via Public IP GW dev ipsec0


    # ifconfig
    enc0: flags=41<UP,RUNNING> metric 0 mtu 1536
    # netstat -nr
    gives no mention of route to ipcop side lan

    Am I missing something?

    Thanks for your help

  • MTU doesn't match

  • True,

    But actually I can't change the MTU through the PFSense's GUI nor through the IPCop's one.
    And that doesn't explain why it works in one direction and not in the other, does it?

    I forgot to mention that my IPCop is straight on the Internet (bridge mode on the ISP's router), and my PFSense is behind another ISP's router, which can't be in bridge mode.

  • Then I don't know
