pfSense Forum

pfSense English Support => IPsec => Topic started by: johnwm47 on January 31, 2018, 02:54:45 pm

Title: Additional Details for IPSec Mobile Clients
Post by: johnwm47 on January 31, 2018, 02:54:45 pm
Hello,
I was wondering if there was anything I could do to get additional client details for IPsec mobile VPN clients. Currently, when I have clients connected, I can see in the Status page a Local ID, Local IP, and even a Remote ID.

My VPN settings are set to assign addresses to clients starting at 10.120.0.128, so if I'm the first or only client connected, I would receive that address. Subsequent connections would receive 10.120.0.129, and so on.

On the status page, I would expect to see a list of these clients with their local IPs, however I don't. Is there anywhere on the router where I can pull more info on the connected mobile clients? Anyway to monitor their traffic? See the user info they used to connect to the VPN with? MAC address of the device? Anything

Attaching a screenshot with what limited info I can pull at the moment.

Thanks for the help!
Title: Re: Additional Details for IPSec Mobile Clients
Post by: laped on January 31, 2018, 03:13:42 pm
In the ipsec status you should see SPD and SAD where you got the remote ip for both end points and its mobile IPv4 address given. You can also see bytes sent in both directions.

On the dashboard you can also add the IPSec widget.
Title: Re: Additional Details for IPSec Mobile Clients
Post by: johnwm47 on February 08, 2018, 11:45:45 am
Thanks for the reply!
I'm checking those tabs, and I only see the remote public IP, not the local IP that the client is receiving from pfsense.
The scenario is, I'm rolling this out to a company of multiple users, and I would like to be able to identify each client on the router, but it seems like that info is obfuscated from me at this point.
Appreciate your help!