PFSense as cilent for Cisco IPsec VPN server



  • Hi all,

    I've been trying to configure my pfsense gateway (i386 latest version) to an IPsec VPN network, but without any luck. I read several tutorials, including  https://doc.pfsense.org/index.php/IPsec_between_pfSense_and_Cisco_IOS, https://doc.pfsense.org/index.php/VPN_Capability_IPsec, https://doc.pfsense.org/index.php/IPsec_between_pfSense_and_a_Cisco_PIX, but still no luck…

    The connection details that I have are: groupame, pre-shared key, username and password. I was not able to find anyway to  specify the group name, username or password. (I went through both phase 1 and phase 2).

    I start to think that what I need to do is not possible, at least not with the information that I currently have…

    Looking forward to any ideas that could help me salve this issue!

    Thanks a lot!
    Alex


  • Netgate

    The requirement for the username and password after connecting is xauth.  Note that both of the cisco configs in the examples you cite have "no-xauth" on the tunnels so username and password is not required.

    It doesn't look to me like the pfSense IPsec client can do xauth.  That is typically not used for site-to-site.  Sure you don't just want to run the cisco ipsec client on a workstation behind pfSense?



  • Derelict, thank you for replying to my post!

    The reason I want to have pfSense connect to the VPN server is that I want to be able to connect my mobile devices to my WiFi network and have access to the remote site through the VPN tunnel.

    As a workaround, I can use a Mac to connect to the VPN and create a hotspot (I thins to be more reliable on a Mac than on Windows), but I consider this option as the last option.

    Another solution is to buy another AccessPoint that offers Cisco IPSec with authentication, but my searches on the internet have not been very productive. If any of you know of an example, please let me know. (I have a Tomato AP, but that doesn't support IPSec out of the box)

    Thanks,
    Alex