IPv6 and IPSec VPN
-
Hi,
I have 2 pfsense firewalls.
Both pfsense firewalls have an ipv4 site to site to each other. All traffic works.
I have added an IPv6 HE Tunnel to each of the pfsense firewalls. IPv6 traffic works fine. When i add some rules i can get from site A to B via ipv6 and everything works.
If i create an IPv6 IPSec VPN tunnel between Site A and B (and allow all IPv6 traffic between A and B). The tunnel will work but not for all traffic. I can use ping/traceroute/smtp for example but i cannot use SMB.
Somebody got some tips?
Running on 2.1.2-RELEASE
-
It could be an issue with packet fragmentation/MTU.
Try setting MSS Clamping for VPNs on System > Advanced, Misc tab
-
I did change the MTU to 1320 and still have the problem.
-
On both sides?
-
Changed it at both sides
-
I just wan't to mention that I have the same problem.
Traffic works fine without the IPSec tunnel, but as soon as it comes up, connectivity disappears.
I am running 2.1.3-RELEASE on one end, and 2.1-RELEASE on the other.
Native IPv6 on both ends, no HE-tunnels or such. -
+1 here. 7 PFsense routers running IPv6 and IPSEC. Ping etc. works so you think its working fine but MySQL over port 3306 is facing timeouts, active directory replication doesn't work etc.
-
I set the MSS to 1000, and then it started working.
No idea why it has to be so low, and it could probably be a bit higher, but I haven't been bothered to check.
