Netgate Discussion Forum

    IPSec Routing questions

      Circuitsoft

      I'm trying to set up an IPSec net-to-net tunnel. The other end is a MikroTik router. I have it mostly working now, but it seems like there's a routing issue within the pfSense setup.

      192.168.37.1/24->pfSense->Internet->MikroTik->192.168.40.1/24

      ```
      192.168.37.2# ping 192.168.40.1
       <succeeds>
      192.168.37.2# traceroute -n 192.168.40.1
      traceroute to 192.168.40.1 (192.168.40.1), 30 hops max, 60 byte packets
       1  192.168.37.1  0.665 ms  0.770 ms  0.846 ms
       2  * * *
       3  * * *
       4  * * *
       5  * * *
       6  * * *
       7  *^C
      192.168.37.2# ping 192.168.40.2
       <fails>
      192.168.37.2# traceroute -n 192.168.40.2
      traceroute to 192.168.40.2 (192.168.40.2), 30 hops max, 60 byte packets
       1  192.168.37.1  0.598 ms  0.626 ms  0.656 ms
       2  * * *
       3  * * *
       4  * * *
       5  * * *
       6  * * *
       7  *^C

      192.168.40.2# ping 192.168.37.1
       <succeeds>
      192.168.40.2# ping 192.168.37.2
       <succeeds>
      192.168.40.2# traceroute -n 192.168.37.2
       1  192.168.40.1  0.204 ms  0.297 ms  0.365 ms
       2  * * *
       3  192.168.37.2  71.548 ms  71.669 ms  71.868 ms
      ```
      

      I am thoroughly confused at this point. Any ideas?

        Circuitsoft

        Edit: This was just a figment of netcat. Happens locally too.

        ~~One more hint: What are these Xs?~~

        ```
        192.168.37.2# nc -l -p 1234 -uvvv
        listening on [any] 1234 ...
        192.168.40.2: inverse host lookup failed: Unknown host
        connect to [192.168.37.2] from (UNKNOWN) [192.168.40.2] 49339
        XXXXXhello
        ^C sent 0, rcvd 11

        192.168.40.2# echo hello | nc 192.168.37.2 1234 -u -vvv
        Connection to 192.168.37.2 1234 port [udp/*] succeeded!
        ^C
        ```