On Thu, Jun 25, 2009 at 1:59 AM, Guruprasad-Baysoft<g...@baysoft.in> wrote: > I am using safenet softremote LT client software. My customer sent the > security policy editor config file. So i just imported that in my safenet > vpn client software and using. Hence i donot know what is the remote vpn > server i am connecting to. > > My doubt is whether i need to explicitly configure anything in my pfsense > firewall to allow the outgoing ipsec traffic? >
That depends. Usually, yes, just add appropriate rules (the default LAN rule suffices). By default we don't rewrite the source port on UDP 500 traffic because it frequently breaks IPsec, but that can cause other difficulties in less common scenarios. If it's using NAT-T that won't be related. Hard to say what you might be seeing, the NAT behavior hasn't changed since the original 1.2 release so I doubt if it's related to what version you're running, maybe a change was made to the remote end. What is the error you're seeing, or the exact problem? --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
