Cisco 800 ADSL router IPsec VPN to pfSense
I have a site-to-site VPN running from home to my wife's work between two Cisco 800 ADSL routers. It works perfectly, but I have now moved the work Internet access to a fibre connection that terminates on a pfSense firewall (PPPoE).
I want to move the IPsec VPN so that it now runs from the Cisco 800 at home to the pfSense firewall. I have searched and found some articles, but none that are specific to Cisco 800 routers. I found one that is for an ASA, but the IPsec seems very different.
Has anyone done this successfully? Do you have a setup document that you can share?
Anything detailing IOS should work with the Cisco 800. Yes, ASA/PIX are different.
It's just IPSec. What versions of IOS/pfSense are you talking about?
The router version is 12.4(24)T6; the pfSense box is 2.2.5-RELEASE (i386).
On the Cisco I just changed the remote host, since I already had the VPN configured to run to a Cisco 800 on the remote side. This is the config on the home side now:
```
crypto isakmp policy 1
crypto isakmp key "superkey" hostname "officesite".dyndns.org
crypto ipsec transform-set TS esp-3des esp-md5-hmac
crypto map vpn-to-hq 10 ipsec-isakmp
 set peer "officesite".dyndns.org dynamic
 set transform-set TS
 match address VPN-TRAFFIC
ip access-list extended VPN-TRAFFIC
 permit ip 192.168.2.0 0.0.0.255 10.1.0.0 0.0.3.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 10.1.0.0 0.0.3.255
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
```
Then attached are the pfSense screens. If this is correct, then I possibly have a rule problem.
![VPN_ IPsec_ Edit Phase 1.jpg](/public/imported_attachments/1/VPN_ IPsec_ Edit Phase 1.jpg)
![VPN_ IPsec_ Edit Phase 2.jpg](/public/imported_attachments/1/VPN_ IPsec_ Edit Phase 2.jpg)
Looking at it briefly I think you should look at the peer identification. It looks like the 800 is set to FQDN and pfSense is set to IP addresses.
I have this working; will post the configs for anyone's reference.
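
Added example, not part of the thread: a small Python check that reads a subset of the home-side IOS lines posted above and reports where they disagree with the pfSense entries, covering the identifier mismatch raised in the reply and the Phase 2 networks. The `PFSENSE` values and the `address`/`hostname` labels are assumptions, since the screenshots are not reproduced here.

```python
import ipaddress

# Constructed input: a subset of the home-side IOS lines from the thread, placeholders as posted.
IOS_CONFIG = """\
crypto isakmp key "superkey" hostname "officesite".dyndns.org
crypto map vpn-to-hq 10 ipsec-isakmp
 match address VPN-TRAFFIC
ip access-list extended VPN-TRAFFIC
 permit ip 192.168.2.0 0.0.0.255 10.1.0.0 0.0.3.255
"""

# Hypothetical pfSense values (the screenshots are not reproduced in the thread).
PFSENSE = {"peer_id_type": "address",
           "local_net": "10.1.0.0/22", "remote_net": "192.168.2.0/24"}

def wildcard_to_cidr(net, wildcard):
    """IOS 'network wildcard' pair -> CIDR, rejecting non-contiguous wildcards."""
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):
        raise ValueError(f"non-contiguous wildcard: {wildcard}")
    return str(ipaddress.ip_network(f"{net}/{32 - w.bit_length()}"))

def tunnel_parameters(config):
    """Pull out the values the pfSense Phase 1/2 entries have to mirror."""
    p = {"psk_keyed_by": None, "selectors": []}
    acls, acl, wanted = {}, None, None
    for words in (line.split() for line in config.splitlines()):
        if words[:3] == ["crypto", "isakmp", "key"]:
            p["psk_keyed_by"] = words[4]            # "hostname" or "address"
        elif words[:2] == ["match", "address"]:
            wanted = words[2]                       # ACL bound to the crypto map
        elif words[:3] == ["ip", "access-list", "extended"]:
            acl = words[3]
        elif words[:2] == ["permit", "ip"] and acl and len(words) == 6:
            acls.setdefault(acl, []).append(
                (wildcard_to_cidr(*words[2:4]), wildcard_to_cidr(*words[4:6])))
    p["selectors"] = acls.get(wanted, [])
    return p

def mismatches(p, pf):
    """List the settings on which the two ends disagree."""
    out = []
    if p["psk_keyed_by"] != pf["peer_id_type"]:
        out.append(f"identifier: IOS key by {p['psk_keyed_by']}, pfSense peer by {pf['peer_id_type']}")
    # pfSense sees the tunnel from the other end, so local and remote swap.
    if (pf["remote_net"], pf["local_net"]) not in p["selectors"]:
        out.append("phase 2 networks do not mirror the crypto ACL")
    return out
```

The wildcard `0.0.3.255` in the crypto ACL corresponds to `10.1.0.0/22`, which is the form the pfSense Phase 2 network fields take.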