IPsec tunnel works only one way
-
I have 3 pfSense boxes (nanobsd 2g) 2.0.
I recently had to restore one of them to factory defaults.
I previously had 2 IPsec tunnels on each box pointing to the other 2.
I got the restored box up and running, and created 2 new tunnels. Both tunnels connect to the other boxes (all green arrows).
I can ssh to boxes behind the older pfSense routers from a PC behind the new one using the private IPs of the respective network.
What I cannot do is even ping the restored box using its private IP from either of the old networks.
In addition to the tunnels (phase 1 and 2), I created a firewall rule on the new router to pass all traffic on the IPsec tab.
Is there an obvious answer? Did I miss something? Do you have enough info to help?
Any help appreciated. -
Just wanted to know if my question was asked properly?
Did I provide sufficient information?
Is there a better place to ask?
Is there something I can do to increase the chances of an answer? -
I would suspect firewall rules above anything else. If it were a problem in IPsec, it wouldn't work in either direction.
Or perhaps this?
http://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN%3F