VPN client through pfSense not working: where to look?



  • Hi, I'm posting in General because I don't know where to look first… Thanks in advance ;)

    I recently decided to manage the Wifi for customers in our company building in a better way. There was one port left on the Cisco, so I decided to totally isolate the external Wifi on one specific dedicated LAN. I chose pfSense because it is a strongly approved solution, it gives me opportunities to improve my skills, and above all, it brings that amazing Captive Portal (it was a decisive factor).

    Situation:

    Hardware:

    • 1 hardware firewall (ASA 5510) with one Ethernet port dedicated to the company Wifi, "Wifi WAN"
    • 1 pfSense server with two Ethernet boards: one on "Wifi WAN", one on "Wifi LAN"

    Networks:

    • The Wifi WAN network, where there's only the pfSense server and its "Wifi WAN" NIC
    • The Wifi LAN network, where there are two Wifi access points (configured as such)

    Does it work?

    • Yes it does, I've set up individual / company accounts, limited bandwidth, it's really great!

    So what's up?

    • When some people try to use a VPN from the Wifi (USB keyed VPN, or our company Cisco VPN Client using IPsec), it doesn't work. If I put the workstation directly in the WAN network area, it works, so it doesn't come from the ASA 5510.

    Where should I look?

    Here are the firewall rules on the LAN side (see attachment). Where else should I look?

    Thanks in advance! :) Have a great day!
    ![2015-08-14 09_45_18-wifirewall.localdomain - Firewall_ Rules.png](/public/imported_attachments/1/2015-08-14 09_45_18-wifirewall.localdomain - Firewall_ Rules.png)