4. VPN Tunnel with Cisco UC560\. Tunnel is UP but no traffic…

VPN Tunnel with Cisco UC560\. Tunnel is UP but no traffic…

  • I

    Hello all,

    after many hours of reading thru website, blogs, pfSense book I finally managed to get a VPN Tunnel up and running with a UC560 unit. ::)  This unit already has a VPN tunnel with another UC560 and I need to add a tunnel for an other location that is using a pfSense.

    So, I mainly followed the guides I found in the book or on the pfSense website but I had to do the following to make it work:

    • Update to version 2.2.4

    • Negotiation mode set to Aggressive

    • Use the Preshared Key already in the UC560 and tied to 0.0.0.0 (for the VPN link to the other UC560)

    Now, the tunnel is up and running and I can confirm with the pfSense box and the Cisco that it's working:

    Interface: GigabitEthernet0/0
Profile: SITE-TO-SITE
Session status: UP-ACTIVE
Peer: X.Y.Z.153 port 500
  IKE SA: local X.Y.Z.154/500 remote X.Y.Z.153/500 Active
  IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.1.0/255.255.255.0
        Active SAs: 2, origin: crypto map
  IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 192.168.50.0/255.255.255.0
        Active SAs: 0, origin: crypto map

    Unfortunately, I tried to Ping each boxes from each side and I get nothing… I must admit I am exhausted and I don't know where to look.

    Any idea?

    BTW, I did run some command on the Cisco unit to disable NAT thru the tunnel.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy