I've done this. IIRC It was a PITA.
I'm having trouble finding my notes but my recollection is that the
Cisco nomenclature is different.
Also, the only cyphers and keys I could make work were as follows:
Key exchange v1
Phase 1 Auth
Auth: Mutual PSK
Nego: Main
Phase 1 Prop
AES 128
Sha 1
DH 2 (1024)
Same Key, Hash, and cipher for phase 2
Don't forget about MTU when using IPSEC. I can't remember the default
these days, but on pfSense under advanced IPSEC settings, you'll want to
ensure MSS clamping is enabled so you don't have to reduce MTU on your
WAN. If your remote Cisco hardware doesn't support the same, you may
have to reduce MTU.
On 4/21/2016 9:26 AM, Ian Bowers wrote:
How/when is it failing?
On Thu, Apr 21, 2016 at 10:01 AM, user49b <user...@gmail.com> wrote:
Hi
Please could someone point me to some descent documentation.
I'm struggling to get IPsec VPN connection working to a Cisco VPN server
from behind pfSense.
So I have a terminal server behind pfSense, and trying to connect to VPN
server on internet.
Regards
Chris
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
