Cannot Make a Cisco IPSec VPN Connection Through a PFSense Firewall

cisco-vpn pfsense vpn

We are building an onsite network here and we are using PFSense 2.0 as our firewall. We have no trouble connecting to various services and other VPNs, but for some reason we cannot connect using Cisco's IPSec VPN client — either the Cisco-branded one or the native one on Linux or OSX. The handshake portion of the connection times out and users are never even prompted to authenticate.

We have confirmed that there is not an upstream routing issue — when connected directly through the WAN or even through a different NAT gateway, things work as expected, so we are fairly certain it is a setting on the PFSense boxes.

I've tried various internet searches to come up with an angle, but most focus on making a point-to-point VPN with PFSense rather than client connection issues. Is this something anyone has seen and, more importantly, solved?

Best Answer

I had a similar Cisco VPN client connection problem this morning after an update to pfsense 2.0.3-RELEASE (amd64). Our problem was that a working Cisco VPN client on an earlier version of pfsense, 2.0.1-RELEASE (amd64), functioned even with the "Transport" option set to "Enable Transparent Tunneling".

Now with version 2.0.3-RELEASE I have to disable this to get the Cisco VPN client to work with return packets coming in! You can verify this if you are able to connect and get no or ZERO return packets; then try to MODIFY your Cisco client setup to (DISABLE) turn off the Transparent Tunneling and check if you get return packets in the statistics once connected.

Check the link below from the pfsense documentation website, which talks about this issue.

http://doc.pfsense.org/index.php/Cisco_VPN_pass_through_not_working_when_behind_pfSense