1. Home
  2. pfSense® Software
  3. IPsec
  4. Azure VPN - one one comms

Azure VPN - one one comms

  • O

    Hi

    I have successfully set up a VPN connection between my pfsense firewall and an Azure 2012 Server. I can see the server from within my network (ping, view shared folders etc) but I am unable to see my network from the Server.

    The network setup is as follows:

    Office network - 192.168.0.0/24
    Azure network  - 10.0.0.0/24 (IP range 10.0.0.4 - 10.0.0.254)
    Azure Subnet 10.0.0.0/27 (IP range 10.0.0.4 - 10.0.0.30)
    Gateway 10.0.0.32/29 (IP range 10.0.0.36 - 10.0.0.38)

    The Azure server has a DHCP address of 10.0.0.4 and a gateway of 10.0.0.1. I don't understand why a gateway of 10.0.0.1. Based on my network config above, I would have expected the gateway to be 10.0.0.36 or higher.

    I can't ping 10.0.0.1 but can ping 10.0.0.36 from both networks. I have tried changing the Server's default gateway to 10.0.0.36 without any luck. I have disabled the firewall on the Server and created a firewall IPsec rule on the pfsense box to allow all TCP/UDP traffic from everywhere on all port. Still no luck

    Anyone know what may be wrong?

    Thanks
    O.

    0
  • C

    @ocset:

    Hi

    I have successfully set up a VPN connection between my pfsense firewall and an Azure 2012 Server. I can see the server from within my network (ping, view shared folders etc) but I am unable to see my network from the Server.

    The network setup is as follows:

    Office network - 192.168.0.0/24
    Azure network  - 10.0.0.0/24 (IP range 10.0.0.4 - 10.0.0.254)
    Azure Subnet 10.0.0.0/27 (IP range 10.0.0.4 - 10.0.0.30)
    Gateway 10.0.0.32/29 (IP range 10.0.0.36 - 10.0.0.38)

    The Azure server has a DHCP address of 10.0.0.4 and a gateway of 10.0.0.1. I don't understand why a gateway of 10.0.0.1. Based on my network config above, I would have expected the gateway to be 10.0.0.36 or higher.

    I can't ping 10.0.0.1 but can ping 10.0.0.36 from both networks. I have tried changing the Server's default gateway to 10.0.0.36 without any luck. I have disabled the firewall on the Server and created a firewall IPsec rule on the pfsense box to allow all TCP/UDP traffic from everywhere on all port. Still no luck

    Anyone know what may be wrong?

    Thanks
    O.

    Try setting your firewall rule to be for protocol "any" instead of TCP or UDP. That way pings can get through (they use ICMP). Also, does your LAN have a firewall rule allowing inbound traffic?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy