IPSec vpn between two IPFire devices

Hello, all. I have made an IPSec VPN between two IPFire devices, and the connections are green. This is working.
I can ping the LAN IP address of the second IPFire (10.0.0.1) = gateway. This is working.
But when I ping a Linux server at IP 10.0.0.138 I get no response, so the connection between 10.0.0.1 and 10.0.0.138 is not working. And IP 10.0.0.138 is shown in the DHCP list.
When I log in to the IPFire as root and ping 10.0.0.138 from there, then I get a response.
IPFire version 2.27 (x86_64) - core-Update 171

C:\Users******>tracert 10.0.0.1

Tracing route to 10.0.0.1 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms ipfire.domain.local [192.168.0.231]
2 14 ms 14 ms 14 ms 10.0.0.1

Trace complete.

C:\Users******>tracert 10.0.0.138

Tracing route to 10.0.0.138 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms ipfire.domain.local [192.168.0.231]
2 60 ms 62 ms 65 ms 10.0.0.1
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.

Hi @firewall.

If you have the same IP range on both Green Interfaces, you can have overlap. To avoid this, you should put one interface in the 1.0.0.x range and another in the 10.0.1.x range and configure everything accordingly.

Perhaps this is not your problem and you have misunderstood the statement. English is not my native language.

Surely someone who knows more can shed some light for us.

Regards

Should this be the 10.0.0.x range?

1 Like

Oops. I wrote that wrong. Thanks @jon for your correction :wink:

1 Like

My fault. :hot_face:
I’ve edited the title and some text (IP address according to the rest of the post). Hope my corrections didn’t cause more confusion.

1 Like

It’s not the Green Interfaces, I meant the status of the VPN is active.

@firewall :
Could you describe a bit more your configuration?
How are the two local networks?
How is the IPSec network configured?

Not using some VPN networking, it would help to have some topics to search to assist you.

1 Like


Maybe that will make it clearer.

2 Likes

Did you add firewall rules for VPN <–> green network on both firewalls to allow traffic?

1 Like

Thanks for the support, but I found the problem.
I have to configure the NAT.

2 Likes

Could you show the result of the command ip route on the Linux server 10.0.0.138?

We are having a similar problem, can you outline each rule you had to adjust/create to make it work?