Netgate Discussion Forum

    Can't Access pfSense Management GUI from IPsec Host

      bg100

      I'm trying to allow access to the pfSense Management GUI from a host connected to the pfSense via an IPsec VPN, but it doesn't work.

      I have no problem accessing HTTP resources on an IPsec host from the LAN (i.e. the other way around). I can also access RDP from the LAN after tweaking the MSS clamping.

      I've created a firewall rule on the IPsec interface that allows TCP port 80 with the destination set to the IP address of the pfSense on the LAN side, switched on logging, and I can see the correct state being created for my HTTP connection.

      I used tcpdump on the pfSense to capture the TCP stream, and I found that the TCP handshake is successful, but as soon as data begins to be transferred it doesn't get an acknowledgement and starts to get TCP retransmissions. See Wireshark screenshot below (pfSense is 192.168.1.1)…

      Why do the data packets not get acknowledged when the handshake was successful? How can I fix this?

      [Screenshot: Capture.PNG]
