Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LT2P/IPSEC Wont Work

    Scheduled Pinned Locked Moved NAT
    3 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mat1987
      last edited by

      Hey All

      I am new to pfsense and i have got dual wan to work no problem but vpn is causing me a headcahe.

      I have my own 2008 server running vpn which all works internally no problem,  However when i try and connect from the outside world using microsofts client as a test it wont connect.  I have read peoples posts on here set up firewall rules etc but wont happen.  I have seen someone say that you need to add a registry key but before i do that i try and use http://www.yougetsignal.com/tools/open-ports/ and i cannot get it to see any ipsec or l2tp ports.

      Any help on this would be great as running out of ideas.

      Thanks

      Mat

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Which port forward entries -exactly- did you add? You should forward in udp/500, udp/4500, and ESP.

        Having the L2TP+IPsec server behind NAT has been a problem for others in the past (with any NAT, not just pfSense).

        http://support.microsoft.com/kb/926179 is typically required to be set on the Windows server.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • A
          arduino
          last edited by

          It was impossible for me to get this working .

          I ended up just going with SSTP , I was trying to avoid buying a certificate .

          I port forwarded all the correct ports and IP protocols and it just didn't work.

          The only firewall I have used the does this correctly is Astaro…but is sucks compared to pfSense.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.