1. Home
  2. pfSense® Software
  3. IPsec
  4. IPSEC VPN Problem?

IPSEC VPN Problem?

  • S

    I am not sure where to post this. I have setup a simple network with a IPSEC VPN. No VLANS; IPSEC assigns the client PC 192.168.30.xxx/24  It looks physically like this:

    Cable modem–>pfsense-->Switch-->hosts & and problem server

    Logically:

    WAN-->Router(192.168.11.1)-->Switch(192.168.11.28)--> Problem Server (NVR) (192.168.11.29)

    When using the VPN

    • I can't access the switch config page over VPN

    • I can't access the Network Video Recorder using the NVR client over VPN

    • I can access the NVR client using tightVNC, but I receive a connection error

    • I can access the webpage of all IP cameras

    The NVR software & switch seems to be suffering from a strange one way communication problem over the VPN but work fine on the LAN. When accessing the switch config page it seems to be trying to load but never does and eventually finishes loading after a few minutes but displays nothing (chrome); just a white screen, no error messages from chrome. When running ping on a IP camera over VPN:

    Pinging 192.168.11.77 with 32 bytes of data:
    Reply from 192.168.11.77: bytes=32 time=37ms TTL=63
    Reply from 192.168.11.77: bytes=32 time=23ms TTL=63
    Reply from 192.168.11.77: bytes=32 time=33ms TTL=63
    Reply from 192.168.11.77: bytes=32 time=27ms TTL=63

    NVR over VPN ping:

    Pinging 192.168.11.29 with 32 bytes of data:
    Reply from 192.168.11.29: bytes=32 time=37ms TTL=127
    Reply from 192.168.11.29: bytes=32 time=30ms TTL=127
    Reply from 192.168.11.29: bytes=32 time=43ms TTL=127
    Reply from 192.168.11.29: bytes=32 time=19ms TTL=127

    When using trace route to any accessible host over VPN I get this, dont know if this is normal:

    Tracing route to 192.168.11.77 over a maximum of 30 hops

    0  Bob-PC.localdomain [192.168.30.1]
      1    *        *        *   
    Computing statistics for 0 seconds…
                Source to Here  This Node/Link
    Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
      0                                          Bob-PC.localdomain [192.168.30.1]

    Ping statistics for 192.168.11.77:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 23ms, Maximum = 37ms, Average = 30ms

    The NVR network settings are as follows:

    IP: 192.168.11.29
    Subnet: 255.255.255.0
    Default Gateway: 192.168.11.1

    Here is a trace route to the non-accessible NVR, the same results for the switch:

    Tracing route to 192.168.11.29 over a maximum of 30 hops

    1    *        *        *    Request timed out.
      2    29 ms    30 ms    27 ms  192.168.11.29

    Trace complete.

    • Why cant I access the switch setup page over vpn?

    • Why cant I use the NVR client software over vpn?

    Any help would be appreciated guys, thanks in advance.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy