Netgate Discussion Forum

DHCP for IPSEC Clients

  • M
    morgan14
    last edited by May 5, 2008, 9:58 AM

    Hi, I have a tiny problem with my Cisco VPN client.

    When I try to connect to my pfSense box, no IP address is given to my client.

    When I look at my logs, I have something like this:

    So maybe if I make a rule to have DHCP on IPsec it will work.

    How can I do that?

    • H
      hoba
      last edited by May 5, 2008, 7:52 PM

      You don't do DHCP for IPSEC-Clients. The client has to specify the local subnet for mobile clients. You probably think the "unknown gateway/dynamic" is a bug but it just tells you that the endpoint that this log message is about is a mobile client and not a statically configured tunnel.

      Your main problem is that you don't have proper authentication settings and, from what it looks like, don't have an appropriate remote subnet set in the client either.

      • M
        morgan14
        last edited by May 6, 2008, 8:10 AM May 6, 2008, 7:50 AM

        My remote subnet?

        Can you advise me about my setting:

        10.56.146.0/23 ----- internet --- modem with pfSense on DMZ 128.162.49.0/24 ----- LAN : 192.168.1.0/24

        So my remote subnet is the first: 10.56.146.0/23?

        • H
          hoba
          last edited by May 6, 2008, 7:29 PM

          Your Cisco client needs to specify a local subnet for his end of the tunnel (from the pfSense point of view this is the remote subnet behind the tunnel). As this is a single client it should be a /32. I don't know the Cisco client so I can't tell you how to set it up.
