
Author Topic: Ping problem on Ipsec  (Read 1378 times)


johnatemps
Ping problem on Ipsec
« on: June 08, 2012, 02:25:26 am »
Hi all,

Sorry beforehand for my very bad English :D...

I discovered IPsec yesterday, so sorry if I don't always use the exact terms.

So here is my problem. I configured an IPsec server on pfSense without problem.

I run the client and the IPsec connection goes well.

Here is the network diagram:

VPN client: ---------- ---------- Internet WAN (PPPoE): - pfsense - LAN: - ------- Lan:

The problem is that when I'm connected to the VPN I cannot ping remote computers in

I started a ping from to I ran Wireshark on the machine and the ping arrives fine. But the return passes less well.
The traceroute of on indicates that after, the packets get lost.

1    <1 ms    <1 ms    <1 ms
 2     *        *        *     Délai d'attente de la demande dépassé.
 3     *        *        *     Délai d'attente de la demande dépassé.

Have you any idea?


mauirixxx
Re: Ping problem on Ipsec
« Reply #1 on: June 29, 2012, 04:27:36 pm »
While I'm REALLY new to pfSense (like 4 days old haha), I had a similar problem over my IPsec VPN. I could ping from the remote office to the main office, but not the other way around.

I ended up going to Firewall -> Rules -> IPsec @ the remote office, and made an "any" rule (any protocol, source, port, destination, gateway). Once I did that, I could ping and traceroute both ways across the link.

Basically, you have to treat the IPsec tunnel as any other network adapter it seems. Hope this helps.
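
The reply's point that the IPsec tab is filtered like any other interface can be checked from a configuration backup. The following is an added example, not code from the thread or from pfSense: it lists the pass rules on the IPsec tab and marks the ones that allow any protocol, source and destination. The XML layout, the `enc0` interface name and the sample addresses are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, modelled on the <filter> section of a pfSense config.xml
# backup. Assumption: rules on the IPsec tab carry <interface>enc0</interface>.
SAMPLE_CONFIG = """<pfsense><filter>
  <rule><type>pass</type><interface>lan</interface>
    <source><network>lan</network></source><destination><any/></destination></rule>
  <rule><type>pass</type><interface>enc0</interface>
    <source><any/></source><destination><any/></destination>
    <descr>allow all over tunnel</descr></rule>
  <rule><type>pass</type><interface>enc0</interface><protocol>icmp</protocol>
    <source><network>10.0.2.0/24</network></source>
    <destination><network>lan</network></destination>
    <descr>ping from remote office</descr></rule>
</filter></pfsense>"""

IPSEC_IF = "enc0"  # assumed interface name behind the IPsec rule tab


def _endpoint(rule, tag):
    """Return 'any' or the network/address text of a rule's source/destination."""
    node = rule.find(tag)
    if node is None or node.find("any") is not None:
        return "any"
    return node.findtext("network") or node.findtext("address") or "any"


def audit_ipsec_rules(xml_text):
    """List pass rules on the IPsec tab and mark the fully open ones."""
    findings = []
    for rule in ET.fromstring(xml_text).findall("filter/rule"):
        if rule.findtext("interface") != IPSEC_IF or rule.findtext("type") != "pass":
            continue
        proto = rule.findtext("protocol") or "any"  # no <protocol> means any
        src, dst = _endpoint(rule, "source"), _endpoint(rule, "destination")
        findings.append({"descr": rule.findtext("descr", ""), "protocol": proto,
                         "source": src, "destination": dst,
                         "wide_open": (proto, src, dst) == ("any", "any", "any")})
    return findings  # empty list: nothing is passed in from the tunnel


if __name__ == "__main__":
    for r in audit_ipsec_rules(SAMPLE_CONFIG):
        print("OPEN  " if r["wide_open"] else "scoped", r)
```

An empty result corresponds to the symptom in the thread (traffic arriving over the tunnel is not passed), while a `wide_open` entry corresponds to the "any" rule described in the reply.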