Ping problem on Ipsec

[johnatemps]

Hi all,

Sorry beforehand for my very bad English ...

I discovered yesterday ipsec so sorry if I'm not always the exact terms.

So here is my problem. I configured a ipsec server on pfsense without problem.

I runs the client and ipsec connection that goes well.


Here the network diagram :

VPN client: 10.110.1.0/24 ---------- ---------- Internet WAN (PPPoE): 109.111.222.333 - pfsense - LAN: 10.10.1.201/24 - ------- Lan: 10.10.1.0/24


The problem is that when I'm connected to VPN 10.110.1.0 I can not ping remote computers in 10.10.1.0.

I started a ping from 10.10.1.1 to 10.110.1.3. I ran Wireshark on the post 10.10.1.1 and ping arrive well. But the return it passes less well.
The traceroute of 10.110.1.3 on 10.10.1.1 indicates me that after 10.10.1.201, packages it lose.

1    <1 ms    <1 ms    <1 ms  10.10.1.201
 2     *        *        *     Délai d'attente de la demande dépassé.
 3     *        *        *     Délai d'attente de la demande dépassé.

Have you any idea?

Thanks

[mauirixxx]

while I'm REALLY new to pfsense (like 4 days old haha), I had a problem similar over my ipsec vpn. I could ping from the remote office to the main office, but not the other way around.

I ended up going to Firewall -> Rules -> IPsec @ the remote office, and made an "any" rule (any protocol, source, port, destination, gateway). Once I did that, I could ping and traceroute both ways across the link.

Basically, you have to treat the IPsec tunnel as any other network adapter it seems. Hope this helps.