Mousemen wrote:
Where do I put in the rules to allow ipsec traffic onto the local network? Having a hard time locating that part
As stated in the original post referenced, I'm not sure the best way to handle this. What I did was add rules to allow any traffic from enc0 to the local network resources required by a client. All IPsec decrypted traffic will appear on this pseudo device. Its gets tricky when client IP addresses are dynamic.
A more elegant solution could be devised using the racoon phase1 up/down scripts but that is something a pfsense developer would need to look at.
Hope this helps, -Matthew --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
