Site-to-Site IPSec VPN between PFSense 2.2.4 and Cisco ASA5505

  • Hi All,
    I have recently set up a site-to-site IPSec VPN between my newly configured PFSense box and a Cisco ASA5505. I have full control of both boxes and was able to set up the IPSec connection. However, the LAN networks on Site A and Site B cannot access each other. Even pinging each remote box's IP is not possible.

    IPSec rules to allow all connections have been enabled, and even routing via the PFSense box has been set up. But still no luck getting it working.

    ![pfsense IPSec Stat.JPG](/public/imported_attachments/1/pfsense IPSec Stat.JPG)
    ![pfsense log.JPG](/public/imported_attachments/1/pfsense log.JPG)

  • You're sending traffic out from that side, and getting nothing from the ASA side. What do the SA counters show on the ASA?

  • I believe it has to do with the NAT rules in the ASA; you need to tell the ASA that any traffic destined for the tunnel cannot go out the WAN interface. I did it once, but I don't remember the exact steps.
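
The NAT exemption the last reply describes, as an added example that is not part of the original thread. It assumes ASA software 8.3 or later, the interface names `inside` and `outside`, and constructed subnets 192.168.1.0/24 (ASA LAN) and 192.168.2.0/24 (pfSense LAN); the object names are hypothetical. The `show` commands at the end read the SA counters asked about in the second reply.

```text
! Constructed addressing: replace with the real LAN subnets on each side.
object network ASA-LAN
 subnet 192.168.1.0 255.255.255.0
object network PFSENSE-LAN
 subnet 192.168.2.0 255.255.255.0

! Identity ("twice") NAT: traffic from the ASA LAN to the pfSense LAN keeps
! its original source and destination, so it still matches the crypto ACL
! instead of being PAT-translated to the outside interface address.
! Manual NAT rules in section 1 are evaluated before the dynamic PAT rule.
nat (inside,outside) source static ASA-LAN ASA-LAN destination static PFSENSE-LAN PFSENSE-LAN no-proxy-arp route-lookup

! Verification, run from privileged EXEC mode:
! 1. Per-SA counters. "#pkts encaps" staying at 0 while hosts on the ASA LAN
!    send traffic means packets never reach the tunnel (NAT or ACL issue).
!    "#pkts decaps" rising shows the pfSense side is being received.
show crypto ipsec sa

! 2. Confirm the exemption rule is hit (translate_hits / untranslate_hits).
show nat detail

! 3. Simulate an ICMP echo from a constructed inside host to a remote host
!    and check that the NAT phase selects the identity rule and the VPN
!    phase shows "encrypt".
packet-tracer input inside icmp 192.168.1.10 8 0 192.168.2.10 detailed
```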

