The only config that reaches the internet is having NAT-T on but trying to connect to ipsec initially is the problem. With NAT-T off it connects every time but cannot reach anything.
> On Aug 19, 2014, at 7:06 PM, Ryan Coleman <ryanjc...@me.com> wrote: > > I had been before I was relieved of my duties 8 months ago. It does work but > I have little to suggest to you at ht moment. > > > >> On Aug 19, 2014, at 16:19, Paul Galati <paulgal...@gmail.com> wrote: >> >> Anybody on the list using Mac OS X 10.6 or later and the built in Cisco >> IPSec Client connecting to pfSense with any reliability? I am having a heck >> of a time getting the expected result. I have a couple users that want to >> connect via IPSec and use the CUPC client to make phone calls. When I >> initially setup the server and client according to different how-to’s on the >> web, I was able to connect and reach the internet as well as the internal >> networks and make phone calls. Later that same day without changing a >> single piece of configuration, I am unable to connect because the >> negotiation failed. It continues to not respond for many hours but at some >> point starts to respond again. I have not been able to formulate proof of >> reason. If I simply turn off NAT-T in Phase 1, I am able to connect every >> time I have tried BUT, I am not able to reach anything on the remote side >> despite receiving a valid IP address from the mobile client config. I >> believe I have the appropriate config in the rules for IPSec and LAN but I >> am not having much luck. >> >> Anybody have any insight that might be useful for me? >> >> I have some openVPN questions too but that will wait until IPSec is done. >> >> Thanks, >> Paul >> >> >> >> _______________________________________________ >> List mailing list >> List@lists.pfsense.org >> https://lists.pfsense.org/mailman/listinfo/list > > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
