PfSense on a KVM virtual machine for IPSec
xenoky last edited by
i have to setup a VPN IPSec for a VM in a KVM environment.
I set up a new VM with pfSense 2.0.3 with the following configuration:
WAN: directly mapped to public IP, ( for installing i needed to manually add the default gateway route from shell for reaching pfSense from the external IP, after the wizard, the gw is correctly saved and i can reach the web configuration from the internet)
LAN: mapped to a routed internal network (192.168.121.0) created from KVM (no dhcp server from KVM)
The first problem is that when i setup DHCP Server for the LAN in pfSense, if i use the pfsense ip (192.168.121.2) as the gateway, other clients cannot reach the internet. If i use 192.168.121.1 (KVM host) the other clients in the network can reach the internet but i don't think this is the correct configuration because the traffic need to pass through the firewall. Do pfsense need some configuration to act as a gateway? ???
Trying to get working the VPN with the dhcp server configurated to give 192.168.121.1 as gateway is not working.
I am not sure if the gw is the problem ???, anyway this is the error in the log (after correctly setting up phase 1):
May 21 16:41:08 racoon: ERROR: <firewall external="" ip="">give up to get IPsec-SA due to time up to wait.
May 21 16:40:38 racoon: [Fastweb lattanzio]: INFO: IPsec-SA established: ESP <firewall external="" ip="">-><my external="" ip=""> spi=2598844918(0x9ae739f6)
May 21 16:40:38 racoon: ERROR: pfkey UPDATE failed: Invalid argument
Thanks for any help</my></firewall></firewall>