Cisco 800 ADSL router IPSEC VPN to PFSense
-
Hi
I have a site-to-site VPN running from home to my wife's work between two Cisco 800 ADSL routers. It works perfectly, but I have now moved the work Internet access to a Fibre connection that terminates on a PFSense firewall (PPPoE).
I want to move the IPSEC VPN so that it now runs from the Cisco 800 at home to the PFSense firewall. I have searched and found some articles, but none that are specific to Cisco 800 routers. I found one that is for an ASA, but the IPSEC seems very different.
Has anyone done this successfully? Do you have a setup document that you can share?
regards
Peter
-
Anything detailing IOS should work with the Cisco 800. Yes, ASA/PIX are different.
It's just IPSec. What versions of IOS/pfSense are you talking about?
-
Hi
The router version is 12.4(24)T6, and the PFSense box is 2.2.5-RELEASE (i386).
On the Cisco I just changed the remote host, since I already had the VPN configured to run to a Cisco 800 on the remote side. This is the config on the home side now:

crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key "superkey" hostname "officesite".dyndns.org
crypto ipsec transform-set TS esp-3des esp-md5-hmac
!
crypto map vpn-to-hq 10 ipsec-isakmp
 set peer "officesite".dyndns.org dynamic
 set transform-set TS
 match address VPN-TRAFFIC
ip access-list extended VPN-TRAFFIC
 permit ip 192.168.2.0 0.0.0.255 10.1.0.0 0.0.3.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 10.1.0.0 0.0.3.255
access-list 100 permit ip 192.168.2.0 0.0.0.255 any

Attached are the PFSense screens. If this is correct, then I possibly have a rule problem.



-
Looking at it briefly I think you should look at the peer identification. It looks like the 800 is set to FQDN and pfSense is set to IP addresses.
-
I have this working, will post the configs for anyone's reference.