> On 8/1/2012 6:00 AM, Maykel Franco Hernández wrote: >> I try configure the ipsec for remote connection. I need write in the >> local network in phase 2 a local network different to LAN. But, I >> configured the local network in phase 2 a ip different to LAN and not >> appear the button connect in status ipsec tunnels.... > > The connect button only shows up if you have an IP on the firewall > inside the other subnet. It isn't necessary. Once some traffic that > matches the Phase 2 hits the firewall, it will try to bring the tunnel up. > > So if you have a system inside that other subnet, just try to ping from > there to the far side of the tunnel and it will attempt to connect the > tunnel. > > Beyond that you haven't provided enough detail about what you have and > what you're trying to accomplish to give a reasonable response. > > Jim > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list >
ok thanks. The issue is I have the firewall pfsense with 3 ips, for example: WAN -> 1.1.1.1 LAN -> 172.10.10.1/24 OPT -> 5.5.5.5 I need the connect pfsense ipsec with CISCO. The router Cisco, has the follow configuration ipsec: Remote Subnet -> 10.218.34.22 Local Subnet -> 192.168.1.20 Gateway -> 70.63.55.66 I try the connect pfsense with CISCO but the problem is in the fase 2, en the field Local Subnet, pfsense always configure with Local Subnet(Lan Subnet) and the Remote Subnet(10.218.34.22) but I don't work. Fails in fase 2. ERROR: ERROR: notification NO-PROPOSAL-CHOSEN received in informational exchange. ERROR: error message: 'h'. I configured pfsense with follow configuration but not appear the button "CONNECT VPN"... Remote Subnet -> 10.218.34.22 Local Subnet -> 192.168.1.20 Gateway -> 70.63.55.66 Can I nat origin in pfsense? Could try to source nat origin: source: 172.10.10.1/24 destination: 70.63.55.66 nat translation: 10.218.34.22 But I don't work... The problem is the CISCO wait the parameter as Remote Subnet 10.218.34.22, however not works because PFSENSE sent Lan Subnet(172.10.10.1) -> LAN Sorry for my english, thanks in advanced. -- ADMIN: Maykel Franco Hdez _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
