
Running Layer 2 Bridge behind pfSense firewall not working!

Posted: Tue May 23, 2017 11:08 am
by centeredki69
Hi,
I have been using SoftEther for 4 years using the Site to Site cascade connection and local bridge set at both locations, and it works as expected, like a Layer 2 bridge. Both sites use consumer SOHO routers.

I recently replaced the SOHO router at the Server site and started using a pfSense Router/Firewall with the same port forwarded. The VPN is able to connect but it does not function correctly. Some of the network PCs will not show up. I can't ping some machines but can ping others.

It seems I need to set up some route or setting on the pfSense. Both the SoftEther Server and Bridge machines have not changed in any way.

Thank you

Re: Running Layer 2 Bridge behind pfSense firewall not worki

Posted: Wed May 24, 2017 5:52 pm
by centeredki69
I guess no one here uses pfSense Firewall.

Re: Running Layer 2 Bridge behind pfSense firewall not worki

Posted: Wed May 31, 2017 5:55 am
by thisjun
Please try to disable NAT-T and UDP acceleration mode.

Re: Running Layer 2 Bridge behind pfSense firewall not worki

Posted: Fri Jun 02, 2017 11:05 am
by centeredki69
Thank you Thisjun,

The changes you suggested fixed the issue.

Can you explain why, when using my SOHO ASUS router, I could leave the NAT-T and UDP acceleration enabled? My understanding is that using these features speeds up the VPN connection.

Now using pfSense I have to disable these 2 options. Is this due to pfSense being a more powerful firewall than the SOHO router? Is there a setting on the pfSense that would allow me to use the NAT-T and UDP Acceleration?

Thanks again for your help.

Re: Running Layer 2 Bridge behind pfSense firewall not worki

Posted: Thu Jun 15, 2017 5:34 am
by thisjun
With some routers, UDP packets are lost periodically.
However, we couldn't find the cause.

Re: Running Layer 2 Bridge behind pfSense firewall not worki

Posted: Mon Jul 31, 2017 10:53 am
by alex1957
Hi, I have some problem with pfSense.
Could you post the settings of rules, NAT and routing?

Bye
Alex