On 8/18/2011 10:29 AM, Fabien Bagard wrote: [...] > From the network beyond the PFSense, I can't ping machines beyond the > IPCop. [...] > What gives me trouble is : > * IPCop side, I have an ipsec interface, with an IP address and route > to the other side of the IPSec tunnel > * PFSense side I have an enc0 interface, without IP address and no > trace of a route in the routing tables to the IPCop side :
There is no route for IPsec on FreeBSD. That's just how IPsec works. If traffic matches the phase 2 for the tunnel, it goes on the tunnel. Your problem may be elsewhere (firewall rules, etc) - some packet captures should show you how the traffic is (or isn't) flowing. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
