Configure firewall rule in both directions to filter IPSEC traffic?
I've recently deployed a pfSense router running version 2.0 RC3. I have several IPSEC VPN tunnels set up and would like to restrict the traffic that flows through the IPSEC tunnels. I'm assuming the way to do this is to configure firewall rules under the 'IPSEC' interface? If I want to allow ICMP echo traffic in either direction through a tunnel do I need two rules with the source and destination subnets reversed?
firewall rules work on ingress. so you got it right.