Help sending flows to an IPsec destination

pfSense Packages
Log in to reply
  • S

    I have a branch office running a Netgate 7541.  Default route over IPsec back to HQ.  I want to capture flows and send them back to our Orion server at HQ.  I've tried both softflowd and pfflowd with the same results.  I do this at some of our other locations with an ASA 5505… so it shouldn't be impossible.

    thanks!

    0
  • jimp
    Rebel Alliance Developer Netgate

    You'll have to nudge the firewall to send the flows from a source of the LAN IP or similar, usually with a static route.

    0
  • S

    I tried a static route without success.  Will attach some screenshots.  The source ping works fine.

    Flow is below:

    172.20.10.254 |pfsense| public IP <ipsec>internet <ipsec>|Corporate ASA| 172.20.1.1 <> 172.20.1.68 (Netflow Receiver)






    </ipsec></ipsec>

    0
  • S

    also tried setting the static route to 0.0.0.0/1 … flows still not making it.  I also did a pcap to confirm they are not making it.  I feel like I'm missing something simple......  :-\

    EDIT: BAH. Nevermind. pfflowd works with the static route in place. I absolutely could not get softflowd to work over IPsec. I'm happy.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy