Netgate SG-1000 microFirewall

Author Topic: PFSense IPsec to Sonicwall - SMB working, DNS/PING not working  (Read 138 times)

0 Members and 1 Guest are viewing this topic.

Offline sgentile87

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
PFSense IPsec to Sonicwall - SMB working, DNS/PING not working
« on: January 25, 2018, 10:28:34 am »
192.168.16.0 >< 16.1 pfsense < internet > sonicwall 44.1 >< 192.168.44.0

Can browse shared folders over vpn just find, cannot ping across from 44 to 16 subnets.
pfsense can ping 192.168.16.x, cannot ping 192.168.44.1

On the PFSENSE:
I noticed in System>General Setup, the DNS servers are all configured to public servers, eg: 8.8.8.8, 8.8.4.4
I see that DNS Forwarder is not enabled (unchecked)
I see that DNS Resolver is enabled (checked) and configured to listen on 53, on ALL network interfaces, sending out of ALL network interfaces. Set to Transparent with Enable DNSSEC Support checked. Nothing else is configured here, but I believe this may play a part in the issue.
Nothing is configured in Outbound NAT
Access rules I added specific rules  to allow traffic on all ports between each network, on the IPSec interface.

Any advice, to get dns working between them?

Offline sgentile87

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: PFSense IPsec to Sonicwall - SMB working, DNS/PING not working
« Reply #1 on: January 25, 2018, 10:49:50 am »
I did just find this..

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9827
  • Karma: +1111/-311
    • View Profile
Re: PFSense IPsec to Sonicwall - SMB working, DNS/PING not working
« Reply #2 on: January 25, 2018, 01:55:20 pm »
You need to pass traffic you want to pass INTO an IPsec node (as in connections from the other side) on the Firewall > Rules, IPsec tab.

Make sure what you have there isn't set to TCP only. (DNS is usually UDP and ping is ICMP.)
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline sgentile87

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: PFSense IPsec to Sonicwall - SMB working, DNS/PING not working
« Reply #3 on: January 25, 2018, 02:06:58 pm »
Thanks for the reply!

This is what I have in there right now, to no avail:


Offline NogBadTheBad

  • Sr. Member
  • ****
  • Posts: 502
  • Karma: +45/-0
    • View Profile
Re: PFSense IPsec to Sonicwall - SMB working, DNS/PING not working
« Reply #4 on: January 25, 2018, 03:40:17 pm »
You'll either need to add a rule for ICMP or change the top protocol to any if you want pings to work as per Derelicts post.

Status -> System Logs -> Firewall -> Normal View if you click on the + it will add a rule if your not sure.
« Last Edit: January 25, 2018, 03:48:22 pm by NogBadTheBad »