IPSec Pass Through

  • Is there anything needed to pass through/receive IPSec from behind PFSense? This is the setup:

    Internal Cisco/IPSec -> PFSense Firewall -> Internet -> Client IPSec -> Internal Client LAN

    Do I need to forward ESP and UDP 500 from the Internet to the Cisco? It seems like we can establish the IPSec connection and send data through PFSense, but we are not getting a reply back.

    Thoughts or suggestions? Thanks.

  • Try to sniff packets, or allow those straight through. Don't forget AH.

  • Well, it ended up not even being pfSense's problem! lol

    It ended up being the rules on the internal Cisco that were the problem. I don't manage that particular device, so I had to give them the benefit of the doubt that it was configured right.

  • Good to hear

