Blocking between LAN/IPSec interfaces

  • Hi,
    I have just set up multiple VLAN interfaces on my pfSense box and am having a bit of trouble with traffic being blocked.
    IPsec network =
    VLAN Interface (OOB) network =

    I have set a basic allow any rule for both interfaces
    IPv4 * * * * * * none

    Despite this, traffic is still getting blocked with a "Default deny rule IPv4".
    Any ideas as to why the traffic does not match the allow all rule?
    I have included a log screencap of the blocks I am seeing.
    It looks as if the traffic is able to get from the IPsec interface to LAN but not back.

    Any tips would be much appreciated

  • As I work more on this I have a possible lead.

    My phase 2 for the IPSec connection specifies the VLAN I am connecting to.
    Right now I have the IPSec server giving my client an address from the network and it is connecting me to the VLAN with a network of

    The VLAN I am having trouble accessing from the IPSec interface has a network of (shows as OOB in the previous log screenshot)
    I assumed that given the allow all rules present on each interface that even though IPSec phase 2 specifies that I am connected to the network, I would still have access to
    Perhaps I am wrong on this.
    As a side note, if I SSH to a host on the network, I can use that host to access the network without an issue. This leads me to believe I have an issue with how my IPSec server is set up.

  • Ok,
    After doing some more research I have found the answer.
    In order to route correctly between VLANs when using an IPSec tunnel, I needed to add additional phase 2 entries on my IPSec server config that specified each additional VLAN I needed to access.
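
An added example (not from the original posts, and not pfSense code): a simplified Python model of phase 2 traffic selectors, showing that a VLAN without its own phase 2 entry has no selector to match in either direction, whatever the firewall rules allow. All network addresses, VLAN names and function names are constructed for illustration, since the thread's own values are missing.

```python
import ipaddress

class Phase2:
    """One phase 2 entry: a (local network, remote network) selector pair."""
    def __init__(self, local, remote):
        self.local = ipaddress.ip_network(local)
        self.remote = ipaddress.ip_network(remote)

    def covers(self, src, dst):
        """True if a packet src -> dst fits this selector in either direction."""
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        to_client = s in self.local and d in self.remote
        from_client = s in self.remote and d in self.local
        return to_client or from_client

def matching_entry(entries, src, dst):
    """Return the first phase 2 entry whose selectors cover the packet, else None."""
    for entry in entries:
        if entry.covers(src, dst):
            return entry
    return None

def uncovered_vlans(entries, pool, vlans):
    """Names of VLANs that no phase 2 entry pairs with the client address pool."""
    pool_net = ipaddress.ip_network(pool)
    missing = []
    for name, cidr in vlans.items():
        vlan = ipaddress.ip_network(cidr)
        if not any(vlan.subnet_of(e.local) and pool_net.subnet_of(e.remote)
                   for e in entries):
            missing.append(name)
    return missing

# Constructed sample values (assumptions, not the poster's networks).
POOL = "10.0.99.0/24"                      # addresses handed to IPsec clients
VLANS = {"LAN": "10.0.10.0/24", "OOB": "10.0.20.0/24"}

BEFORE = [Phase2("10.0.10.0/24", POOL)]             # single phase 2 entry
AFTER = BEFORE + [Phase2("10.0.20.0/24", POOL)]     # one entry per VLAN

if __name__ == "__main__":
    for label, entries in (("before", BEFORE), ("after", AFTER)):
        print(label, "uncovered VLANs:", uncovered_vlans(entries, POOL, VLANS))
        # Reply from a host on the OOB VLAN back to the IPsec client.
        hit = matching_entry(entries, "10.0.20.7", "10.0.99.5")
        print(label, "OOB reply matches a selector:", hit is not None)
```
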
