Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No traffic from one pfSense to another

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 811 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cyberfinn
      last edited by

      Hey

      Running two pfSense instances. Running a IPSec tunnel between the two sites.

      pfSense 1:
      LAN: 10.10.0.0/16

      IPSec phase 2:
      Local Network
      Type: Network
      Address: 10.10.0.0/16

      Remote network:
      Type: Network
      Address: 10.0.0.0/15

      pfSense 2:
      LAN: 10.0.0.0/15

      IPSec phase 2:
      Local Network:
      Type: Network
      Address: 10.0.0.0/15

      Remote network:
      Type: Network
      Address: 10.10.0.0/16

      The problem is that pfSense 1 can't connect to anything on the 10.0.0.0/15 subnet. All clients/servers on 10.10.0.0/16 can.
      pfSense 2 can connect/ping on the 10.10.0.0/16

      There is a allow all for IpSec in both boxes.

      How to debug this behavior?

      1 Reply Last reply Reply Quote 0
      • K
        kapara
        last edited by

        Post screenshots of phase 1/2 for both masking confidential IP info.  Without more info it is difficult to guess and more info means quicker resolution.

        Skype ID:  Marinhd

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          And I'll say it. /15 and /16? Really?

          Hopefully you're subnetting those out to hundreds of sites.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.