pfSense on AWS and Source/Dest. Check tip

Hi,

If you are going to deploy pfSense on AWS, the https://www.netgate.com/docs/aws-vpn-appliance/vpc-guide.html document is pretty good.

But there is one important point that you should take care of.

Be sure that Source/Dest. Check is set to false on both Ethernet interfaces (eth0 and eth1) of the pfSense instance.

If you select the pfSense instance and disable the source/destination check from the menu, it is disabled on only one interface (eth0).

pfsense.png

Unfortunately, the Source/Dest. Check status of the private Ethernet interface eth1 will stay Enabled.

You have to go to the Network Interfaces section on the left, find your eth1 interface, and then disable the check by choosing Action -> Networking -> Change Source/Dest. Check.

pfsense2.png
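
The same change can be made and checked from the command line. The script below is an added example, not part of the original post: it uses the AWS CLI to disable Source/Dest. Check on every network interface attached to one instance, then confirms that none is left enabled. The function names and the instance ID in the usage comment are illustrative.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes the AWS CLI is configured with
# permission for ec2:DescribeNetworkInterfaces and ec2:ModifyNetworkInterfaceAttribute.

# Print "<eni-id> <device-index> <SourceDestCheck>" for every ENI attached to instance $1.
list_enis() {
  aws ec2 describe-network-interfaces \
    --filters "Name=attachment.instance-id,Values=$1" \
    --query 'NetworkInterfaces[].[NetworkInterfaceId,Attachment.DeviceIndex,SourceDestCheck]' \
    --output text
}

# Disable the check on each attached ENI that still has it enabled; print the ENIs changed.
disable_all_src_dst_checks() {
  list_enis "$1" | {
    rc=0
    while read -r eni idx check; do
      case "$check" in
        True|true)
          if aws ec2 modify-network-interface-attribute \
               --network-interface-id "$eni" --no-source-dest-check </dev/null; then
            echo "$eni"
          else
            echo "failed to update $eni (device index $idx)" >&2; rc=1
          fi ;;
      esac
    done
    [ "$rc" -eq 0 ]
  }
}

# Succeed only if the instance has at least one ENI and none has the check enabled.
verify_src_dst_checks_disabled() {
  list_enis "$1" | {
    n=0; bad=0
    while read -r eni idx check; do
      [ -n "$eni" ] || continue
      n=$((n + 1))
      case "$check" in
        False|false) ;;
        *) echo "Source/Dest. Check still enabled on $eni (device index $idx)" >&2; bad=1 ;;
      esac
    done
    [ "$n" -gt 0 ] && [ "$bad" -eq 0 ]
  }
}

# Usage (the instance ID is a placeholder):
#   disable_all_src_dst_checks i-0123456789abcdef0 && verify_src_dst_checks_disabled i-0123456789abcdef0
```

The verify step fails when the instance ID matches no interfaces at all, so a mistyped ID is not reported as a clean result.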

Also, do not forget to create NAT rules on pfSense.

ismail yenigul


One thought on “pfSense on AWS and Source/Dest. Check tip”

  1. Tom says:

    Hi, I set up a pfSense on AWS and disabled the source/dest check. The IPsec site-to-site VPN is working, but when I try to use another instance in the same subnet, the traffic cannot route to the IPsec. Any idea? Can you PM me?
