07-18-2018 05:53 AM - edited 07-24-2018 09:12 AM
I am trying to bring up the S2S tunnel between a Cisco 4331 router and a PF Sense firewall.
router (192.168.5.2) --> ISP Modem(x.x.x.x) <--> Internet <--> ISP Modem (y.y.y.y)--> PF Sense firewall (172.16.10.1)
Both parameters are equal at both ends, cross-verified a few times.
Does anything need to be added when configuring these types of scenarios?
Following are the debugs received from the router; they also contain the config.
07-18-2018 10:52 AM
07-18-2018 09:32 PM
It's a static NAT in the ISP modem at both ends.
07-24-2018 07:05 AM
I would verify that the PF Sense firewall is receiving the authentication exchange message on port UDP 4500 with a capture. The router keeps retransmitting because it does not hear back from the firewall.
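
The check suggested in the reply above, as an added example that is not part of the original thread: it reads UDP payloads taken from a capture, strips the non-ESP marker that precedes IKE on UDP 4500, and reports requests that were retransmitted without ever getting a response. It assumes the tunnel uses IKEv2; the function names, the "router"/"firewall" labels and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter

NON_ESP_MARKER = b"\x00\x00\x00\x00"  # RFC 3948: four zero bytes precede IKE on UDP 4500
EXCHANGES = {34: "IKE_SA_INIT", 35: "IKE_AUTH", 36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}
RESPONSE_FLAG = 0x20                   # RFC 7296 header flag: message is a response
IKE_HDR = "!8s8sBBBBII"                # SPIi, SPIr, next payload, version, exchange, flags, msg id, length

def parse_ike(udp_port, payload):
    """Return (exchange, message_id, is_response) for an IKEv2 datagram, else None."""
    if udp_port == 4500:
        if payload[:4] != NON_ESP_MARKER:
            return None                # ESP-in-UDP or a NAT keepalive, not IKE
        payload = payload[4:]
    if len(payload) < 28:
        return None
    _, _, _, version, exch, flags, msg_id, _ = struct.unpack(IKE_HDR, payload[:28])
    if version >> 4 != 2:              # major version must be 2 (assumption: IKEv2 tunnel)
        return None
    return EXCHANGES.get(exch, str(exch)), msg_id, bool(flags & RESPONSE_FLAG)

def unanswered_requests(packets):
    """packets: iterable of (sender, udp_port, payload).
    Returns {(sender, exchange, message_id): times_sent} for requests with no response."""
    sent, answered = Counter(), set()
    for sender, port, payload in packets:
        parsed = parse_ike(port, payload)
        if parsed is None:
            continue
        exch, msg_id, is_response = parsed
        if is_response:
            answered.add((exch, msg_id))
        else:
            sent[(sender, exch, msg_id)] += 1
    return {k: n for k, n in sent.items() if (k[1], k[2]) not in answered}

def _ike(exch, msg_id, flags):
    # Constructed sample header: SPIs and length are dummy values.
    return struct.pack(IKE_HDR, b"I" * 8, b"R" * 8, 0, 0x20, exch, flags, msg_id, 28)

# Constructed capture: IKE_SA_INIT completes on UDP 500, then IKE_AUTH on UDP 4500 goes unanswered.
SAMPLE = [
    ("router", 500, _ike(34, 0, 0x08)),
    ("firewall", 500, _ike(34, 0, 0x20)),
    ("router", 4500, NON_ESP_MARKER + _ike(35, 1, 0x08)),
    ("router", 4500, NON_ESP_MARKER + _ike(35, 1, 0x08)),
    ("router", 4500, NON_ESP_MARKER + _ike(35, 1, 0x08)),
    ("router", 4500, b"\xff"),         # NAT keepalive, ignored
]

if __name__ == "__main__":
    print(unanswered_requests(SAMPLE))
```

If the same run over the firewall-side capture shows no IKE_AUTH requests at all, the UDP 4500 traffic is being dropped before it reaches the firewall; if the requests appear there but still have no response, the firewall is receiving them and not answering.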