Having switched recently from OpenVPN to IPsec (IKEv2 only) for 3 site to site tunnels, I'm still debugging why I can only get it to work for IPv4. Phase1 are setup with IPv4. Adding two phase2, one tunnel4 and one tunnel6, nothing flows through the tunnel6.
Capturing on IPSEC interface on one side attempting a ping to remote site, I see for instance: 17:33:25.757775 (authentic,confidential): SPI 0xcf5bb1d6: IP6 fd00::1:1 > fd01::107: ICMP6, echo request, seq 170, length 40 But I get no replies from the other party. What's more, capturing ESP on the other side, I get NO incoming ESP packet at all. If I'm pinging IPv4, I trace the echo requests, I have ESP packets flowing on the other site and the echo replies on the sender: all works (can pipe any IPv4 traffic with excellent performance). Only the IPv6 seems stuck. Capturing the echo requests on the sender IPSEC interface, does this prove the packets embark the tunnel (and so that the issue is on the other end)? Or not? -- Meilleures salutations, Met vriendelijke groeten, Best Regards, Olivier Mascia, integral.be/om _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
