Netgate Discussion Forum

    PfSense on a KVM virtual machine for IPSec

      xenoky

      Hello everyone,

      I have to set up an IPSec VPN for a VM in a KVM environment.

      I set up a new VM with pfSense 2.0.3 with the following configuration:
      WAN: directly mapped to public IP (for installing, I needed to manually add the default gateway route from the shell to reach pfSense from the external IP; after the wizard, the gw is correctly saved and I can reach the web configuration from the internet)
      LAN: mapped to a routed internal network (192.168.121.0) created from KVM (no DHCP server from KVM)

      The first problem is that when I set up the DHCP server for the LAN in pfSense, if I use the pfSense IP (192.168.121.2) as the gateway, other clients cannot reach the internet. If I use 192.168.121.1 (KVM host), the other clients in the network can reach the internet, but I don't think this is the correct configuration because the traffic needs to pass through the firewall. Does pfSense need some configuration to act as a gateway?

      Trying to get the VPN working with the DHCP server configured to give 192.168.121.1 as gateway is not working.
      I am not sure if the gw is the problem; anyway, this is the error in the log (after correctly setting up phase 1):

      May 21 16:41:08 racoon: ERROR: <firewall external ip> give up to get IPsec-SA due to time up to wait.
      May 21 16:40:38 racoon: [Fastweb lattanzio]: INFO: IPsec-SA established: ESP <firewall external ip>[500]-><my external ip>[500] spi=2598844918(0x9ae739f6)
      May 21 16:40:38 racoon: ERROR: pfkey UPDATE failed: Invalid argument

      Thanks for any help
