• Hi All,

    I have 2 pfSense 2.0.1 firewalls with an IPsec site-to-site VPN tunnel configured.
    LAN1 (10.25.0.0/16) <--> FW01 <---Internet---> FW02 <--> LAN2 (10.62.21.0/24)
    LAN1 GW (10.25.1.1)                                      LAN2 GW (10.62.21.1)

    I have allowed any/any in the IPsec tunnel. All my other machines in the LAN1 network are able to ping the machines in the LAN2 network, and I can also RDP to my Windows server in the LAN2 network.
    I have an Ubuntu server with ZoneMinder software in the LAN1 network with IP address 10.25.1.65 and a network camera in the LAN2 network with IP address 10.62.21.51. Strangely, when I ping a machine in the LAN2 network for the first time, the first packet goes through but subsequent packets just cannot go through.

    lawrence@sgcctv02:~$ ping 10.62.21.5
    PING 10.62.21.5 (10.62.21.5) 56(84) bytes of data.
    From 10.25.1.1: icmp_seq=1 Redirect Host(New nexthop: 10.62.21.5)
    64 bytes from 10.62.21.5: icmp_req=1 ttl=126 time=29.6 ms
    From 10.25.1.65 icmp_seq=2 Destination Host Unreachable
    From 10.25.1.65 icmp_seq=3 Destination Host Unreachable

    I have checked on the Ubuntu server, disabled ufw and checked iptables; nothing is listed. The routing table on the Ubuntu server shows:
    Kernel IP routing table
    Destination    Gateway        Genmask        Flags  MSS Window  irtt Iface
    0.0.0.0        10.25.1.1      0.0.0.0        UG        0 0          0 eth0
    10.25.0.0      0.0.0.0        255.255.0.0    U        0 0          0 eth0

    I have checked my firewall rules and have allowed all traffic on the LAN (any/any) on both sides, but I still cannot find out where the problem is. I am able to access the web cam configuration menu and view live video from the LAN1 network.

    Also, I RDP to my Windows machine in the LAN2 network and I can ping all my other servers but not the Ubuntu server.

    Can somebody tell me if this is an issue with pfSense or the Ubuntu server?