4. Can't Access pfSense Management GUI from IPsec Host

Can't Access pfSense Management GUI from IPsec Host

  • B

    I'm trying to allow access to the pfSense Management GUI from a host connected to the pfSense via an IPsec VPN, but it doesn't work.

    I have no problem accessing HTTP resources on an IPsec host from the LAN (i.e. the other way around). I can also access RDP from the LAN after tweaking the MSS clamping.

    I've created a firewall rule on the IPsec interface, that allows TCP port 80 with the destination set to the IP address of the pfSense on the LAN side, switched on logging and I can see the correct state being created for my HTTP connection.

    I used tcpdump on the pfsense to capture the TCP stream, and I found that the TCP handshake is successful, but as soon as data begins to be transferred it doesn't get an acknowledgement and start to get TCP retransmissions. See wireshark screenshot below (pfSense is 192.168.1.1)…

    Why do the data packets not get acknowledged when the handshake was successful? How can I fix this?


    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy