Bytes-Out: 0(0B) Phase 2 IPSec tunnel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 01:06 AM
Hello,
I have an issue with Phase 2 of VPN tunnels.
Despite I checked IPs to be whitelisted and configuration to matches on both ends, I can't send traffic to the partner end.
Any advice on troubleshooting this or check the potential issue ?
- Labels:
-
WAN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 03:19 AM
what is the platform you use ?
MHM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 03:21 AM
I use Pfsense
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 03:37 PM
the question is what are you using on the other side. a tunnel has two endpoints. what is other side of the pfsense ?
have you tried to generate traffic from pfsense side and are you seeing the outbound packet / SA traffic increase ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 06:09 PM
if one side is cisco I can help you if not sorry maybe other can help you
thanks a lot
MHM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2024 09:21 AM
It is clear that packets are coming to pfsense but no packets are going out..
Please check the protected traffic (source and destination) that you define in the crypto acl is correct ? and traffic from the pfsense side is received by the pfsense correctly.. can you put some subnets on each side and show the ipsec sa etc so we can understand this better.
are you using a ASA or ios router on the other side ? please get "show crypto ipsec sa" from the cisco side.
