The IPSec site-to-site link I have in place between two sites runs over ADSL which I get from two different providers, one at each end.
One of them (BT) is blocking traffic on UDP ports 500 and 4500. I suspect the technical reasoning for this is because they are twats... Nonetheless, I have to use port redirection. Outgoing traffic on UDP ports 500 and 4500 is NAT'd on the way out to the destination on 501 and 4501 respectively. At the other end, connections are NAT'd coming in on UDP ports 501 and 4501 to the firewall on 500 and 4500 respectively.

Check you actually have connectivity between the two sites first, ping them perhaps... Then check there is UDP connectivity on these ports and also try other UDP ports in case they are being blocked/filtered.

--
Regards,
James.
http://www.jamesbensley.co.cc/

There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?
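The UDP check suggested above, as an added example that is not part of the original message: an echo responder for the far site and a prober for the near site, so UDP 500/4500 can be compared against other ports. The function names, result strings and loopback demo ports are assumptions made for illustration.

```python
import os
import socket
import threading

def start_echo(port, host="0.0.0.0"):
    """Far-end responder: echo each datagram back to its sender."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    def loop():
        while True:
            try:
                data, addr = sock.recvfrom(2048)
                sock.sendto(data, addr)
            except OSError:
                return  # socket was closed
    threading.Thread(target=loop, daemon=True).start()
    return sock

def probe(host, port, timeout=1.0, tries=3):
    """True if a random token sent to host:port is echoed back."""
    token = os.urandom(8)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for _ in range(tries):  # UDP is lossy, so retry
            try:
                s.sendto(token, (host, port))
                if s.recvfrom(2048)[0] == token:
                    return True
            except OSError:  # timeout or ICMP unreachable
                continue
    return False

def survey(host, ports, **kw):
    """Probe each port and return {port: reachable}."""
    return {p: probe(host, p, **kw) for p in ports}

def diagnose(results, ike_ports=(500, 4500)):
    """Compare the IKE/NAT-T ports against the other (control) ports."""
    ike = [ok for p, ok in results.items() if p in ike_ports]
    ctl = [ok for p, ok in results.items() if p not in ike_ports]
    if ike and all(ike):
        return "ike ports reachable"
    if any(ctl):
        return "port-specific filtering"
    return "no udp path"

if __name__ == "__main__":
    # Constructed loopback demo on unprivileged ports; 15999 has no responder.
    srv = [start_echo(p, "127.0.0.1") for p in (15500, 15501)]
    res = survey("127.0.0.1", [15500, 15501, 15999], timeout=0.3)
    print(res, diagnose(res, ike_ports=(15999,)))
```

Binding the responder to ports below 1024 needs root, and 500/4500 must not already be held by the IKE daemon while testing.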
