This is my network
I use an R1700<--->R1700 IPSEC VPN and
it works fine with access-list 100 192.168.3.0.
But when I add network 10.10.10.0/24 (lan1) to access-list 100, it does not work.
FreeBSD is a firewall (ipfw) that permits only the HTTP server 10.10.10.10 on port 8080.
When I stop ipfw and pass ip from any to 10.10.10.10, it works, but with no security.
Which port do I need to allow on the BSD firewall to pass IPSEC?
It's not the IPSEC traffic flowing through the BSD firewall. So you need to make sure that the IP traffic that needs to travel across the BSD firewall. E.g. HTTP on port 8080 is open, but is it the HTTP on 8080 that we are initiating? If it is some other type of traffic, then we need to make sure that it is permitted. Is this a PIX firewall? If yes, then could you also send the config?
*Please rate if helps,