Ipad can not access private network with pfsense 2RC3
-
hi,
I installed pfsense 2 rc3 and configured ipsec for ipad.
The wan address is 192.168.1.101 and lan address is 192.168.2.10, ipsec client network for ipad is 192.168.2.180/24.
when server started ,ipad could get ip address (192.168.2.181),but it can not access lan (192.168.2.10).
ipfilter fules are ok.
here is my racoon configuration file and some usingful imformation
racoon.conf
listen
{
adminsock "/var/db/racoon/racoon.sock" "root" "wheel" 0660;
isakmp 192.168.1.101 [500];
isakmp_natt 192.168.1.101 [4500];
}mode_cfg
{
auth_source system;
group_source system;
pool_size 253;
network4 192.168.2.181;
netmask4 255.255.255.0;
split_network include 192.168.2.0/24;
save_passwd on;
}remote anonymous
{
ph1id 2;
exchange_mode aggressive;
my_identifier address 192.168.1.101;
peers_identifier user_fqdn "u@v.com";
ike_frag on;
generate_policy = unique;
initial_contact = off;
nat_traversal = on;dpd_delay = 10;
dpd_maxfail = 5;
support_proxy on;
proposal_check obey;
passive on;proposal
{
authentication_method xauth_psk_server;
encryption_algorithm des;
hash_algorithm sha1;
dh_group 2;
lifetime time 86400 secs;
}
}sainfo anonymous
{
remoteid 2;
encryption_algorithm aes 128;
authentication_algorithm hmac_sha1;lifetime time 28800 secs;
compression_algorithm deflate;
}
when tunnel is connected
SAD is
192.168.1.100 192.168.1.101 ESP 0c0387c1 aes-cbc hmac-sha1 6268 B
192.168.1.101 192.168.1.100 ESP 0b80e184 aes-cbc hmac-sha1 0 B
SPD is
192.168.2.181 192.168.2.0/24 ESP 192.168.1.100 -> 192.168.1.101
192.168.2.0/24 192.168.2.181 ESP 192.168.1.101 -> 192.168.1.100the ipsec interface(enc0) can receive data package but no reponse any more
could anybody help me? thanks.
wangpro
-
lan address is 192.168.2.10, ipsec client network for ipad is 192.168.2.180/24
You need to use a different subnet for IPsec. Example, 192.168.3.0/24.
My Ipad works perfectly with 2.0.