IPSec Routing questions
-
I'm trying to set up an IPSec net-to-net tunnel. The other end is a MikroTik router. I have it mostly working now, but it seems like there's a routing issue within the PfSense setup.
192.168.37.1/24->PfSense->Internet->MikroTik->192.168.40.1/24
192.168.37.2# ping 192.168.40.1 <succeeds>192.168.37.2# traceroute -n 192.168.40.1 traceroute to 192.168.40.1 (192.168.40.1), 30 hops max, 60 byte packets 1 192.168.37.1 0.665 ms 0.770 ms 0.846 ms 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 *^C 192.168.37.2# ping 192.168.40.2 <fails>192.168.37.2# traceroute -n 192.168.40.2 traceroute to 192.168.40.2 (192.168.40.2), 30 hops max, 60 byte packets 1 192.168.37.1 0.598 ms 0.626 ms 0.656 ms 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 *^C 192.168.40.2# ping 192.168.37.1 <succeeds>192.168.40.2# ping 192.168.37.2 <succeeds>192.168.40.2# traceroute -n 192.168.37.2 1 192.168.40.1 0.204 ms 0.297 ms 0.365 ms 2 * * * 3 192.168.37.2 71.548 ms 71.669 ms 71.868 ms</succeeds></succeeds></fails></succeeds>I am thoroughly confused at this point. Any ideas?
-
Edit: This was just a figment of netcat. Happens locally too.
~~One more hint: What are these Xs?
192.168.37.2# nc -l -p 1234 -uvvv listening on [any] 1234 ... 192.168.40.2: inverse host lookup failed: Unknown host connect to [192.168.37.2] from (UNKNOWN) [192.168.40.2] 49339 XXXXXhello ^C sent 0, rcvd 11192.168.40.2# echo hello | nc 192.168.37.2 1234 -u -vvv Connection to 192.168.37.2 1234 port [udp/*] succeeded! ^C ```~~
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.