  • hi,

    I've established an IPSEC VPN between checkpoint R65 (yes I know, it's a thousand years old) and everything is working great except one thing.
    From the LAN behind the checkpoint, I cannot reach the PFsense firewall admin via the external IP (public IP) but only via its LAN IP (which goes through the VPN).
    I've added rules in IPSEC and also in the regular rules but it's not helping.
    It's like the checkpoint is trying to go directly through the VPN to the public IP of the PFsense, and not via regular routing.
    After checking some tcpdump info on all interfaces in PFsense I see no traffic coming from outside, so it seems as if it is stuck in the checkpoint.
    please help.

  • hello,

    What is the port of the pfsense manager?
    When you try to go to the external IP, the packet is routed to the destination and not by the VPN tunnel.
    Only packets that go to the internal LAN are routed into the tunnel.

    You need to allow outgoing from the sbox LAN to the public IP of the pfsense (at the sbox) and allow incoming in the pfsense.

    Or just access the LAN address of the pfsense.

    Hope that helps.

  • hi,

    There is a rule to allow traffic from the LAN behind the checkpoint to the PFsense server.
    It worked until I started the VPN.

