Hello all, For the past couple weeks as I did not have time to keep toying with the issue, I maintained two WAN/LAN pfSense boxes--one for termination from an SDSL line and one from a T1. This weekend, I had time and was certain it was possible, I'm just missing something.
For your reference, please see http://www.offramp.org/~ggreen/ where I have posted a diagram. See, I have 5 NICs in the pfSense box (and two interfaces I am not using presently), LAN, WAN (T1) and OPT1 (SDSL-WAN). IPSEC works beautifully if it terminates on WAN, but if it terminates on OPT1 I can never seem to get over to the LAN or back! The SA shows up and everything, I've tried every permissive firewall rule I can think of, but it just *works* from WAN, not from an OPT. I am going to try a snapshot tonight as a last ditch effort; it looks like one was updated today. Or maybe I am misunderstood in that it's always that way. We'll see shortly... Gabe
