Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic shaping IPsec

    Scheduled Pinned Locked Moved
    IPsec
    3
    6
    2.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jonb
      last edited by

      I have got an IPsec tunnel the pfsense in doing and I was just wondering on what the rules should be.

      Hosted desktops and servers with support without complication.
      www.blueskysystems.co.uk

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        I don't get what you are asking for exactly. Can you give us some more details?

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          IPSEC rules are installed automatically behind the scenes.

          1 Reply Last reply Reply Quote 0
          • J
            Jonb
            last edited by

            I have the PFsense setting up an IPsec tunnel to a remote site and I was wondering if I would need to setup traffic shapping to optimise the link.

            Hosted desktops and servers with support without complication.
            www.blueskysystems.co.uk

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by

              You have an IPSEC option when running the wizard. Set this priority to high. After it has finished go to the trafficshaper rules page and edit the IPSEC rules. change source "lan subnet" to "any". save and apply. now your ipsec will get higher priority.

              1 Reply Last reply Reply Quote 0
              • J
                Jonb
                last edited by

                Ok this is what I have now

                WAN->LAN
                ESP  *  *  qOthersDownH/qOthersUpH  m_Other IPSEC inbound     
                   
                  WAN->LAN
                UDP  *  *
                Port: 500  qOthersDownH/qOthersUpH  m_Other IPSEC inbound     
                   
                  LAN->WAN
                UDP  *  *
                Port: 500  qOthersUpH/qOthersDownH  m_Other IPSEC outbound     
                   
                  LAN->WAN
                AH  *  *  qOthersUpH/qOthersDownH  m_Other IPSEC outbound     
                   
                  LAN->WAN
                ESP  *  *  qOthersUpH/qOthersDownH  m_Other IPSEC outbound     
                   
                  WAN->LAN
                AH  *  *  qOthersDownH/qOthersUpH  m_Other IPSEC inbound

                Hosted desktops and servers with support without complication.
                www.blueskysystems.co.uk

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post