IPSec Pass Thru Compatible?



  • Having some issues with a Device that uses IPSec to connect to another Server. Nothing requires that Racoon be enabled or Configured, that I can see, as the device has all the Authentication Data internal to the Device and Authenticates with the Remote Server.

    I am under the assumption that pfSense (having IPSec functionality incorporated in it) is IPSec Pass-Thru Compatible due to this, Assuming of course that Outbound NAT, Port Forwarding, and Firewall Rules are properly set. I mean it's a Tunnel like the term says... if you hand it a shovel, point it at a spot and get out of the way, it should dig right thru.

    Am I ASS U MING incorrectly or is this NOT the case?

    If it is, then Maybe someone could give me an example of the NATing needed and Firewall Rules.

    I have set Port Forwarding for the required ports and protocols (NAT-T 4500 UDP and ISAKMP 500 UDP), and pfSense created the WAN-->LAN Firewall Rules.

    I then Created a Firewall Rule on the LAN interface to Pass those ports to the WAN... and then Set up NAT rules Outbound for the same Ports.

    Thus:

    WAN-->LAN Port Forwards

    WAN-->LAN Firewall Rules Created

    LAN-->WAN Firewall Rules for Ports Outbound

    Outbound NAT Rules for Ports on WAN to Any Destination

    Device is Failing to Complete Tunnel Creation is the basic Error given. I have looked and looked and so far cannot find any reason for Failure.



  • After further study I think my inquiry is Moving more to NAT. I'll move my inquiry over there.