Problems connecting to WatchGuard SOHO 6



  • I have configured both ends and I am able to ping from the pfSense network (192.168.1.0/24) to the SOHO network (192.168.2.0/24) with no problem. When I try to ping the other way, I get 100% packet loss. Our ERP software at the remote site cannot find the server at the local site. There are no software firewalls in place. Looking through the logs I see:

    ERROR: pfkey DELETE received

    Does that mean anything?

    I am trying to replace a failing WatchGuard X Core ASAP.

    Thanks for your help,

    Stephen



  • I just saw that in the firewall rules there is a tab for IPsec. Do I have to configure a rule to allow traffic from 192.168.2.0/24 to access 192.168.1.0/24?



  • The message from your first post indicates that the tunnel was destroyed again for some reason. I guess some parameters are not matching between the two ends.

    To answer your second post: you need firewall rules in place to allow traffic coming in through the tunnel from the remote end, but this is nothing that will prevent the tunnel from being established in the beginning. It only matters once the tunnel is up.



  • Perhaps I am missing something in the SOHO config. It doesn't have as many options and fields to fill in as the pfSense box does. I don't have access to the box right now because I am home. I'll try to post a screenshot in the morning.

    Stephen



  • Not all GUIs have all settings on one page. Some vendors prefer to have multiple pages for that and reference one of the settings from another screen. Other vendors hardcode some of the settings and you have to know what they have set them to on the other end. I have pfSense systems connected to several other products via IPsec. It's sometimes hard to find out how to configure them, but in the end it always worked for me.

