Hi guys,
I am trying to set up IPsec from my OPNsense box at home to my AWS.
Opnsense LAN 192.168.1.0/24
AWS VPC 172.31.0.0/16
I have got the IPsec tunnel to establish, but pings etc. are not working.
It seems the OPNsense side can receive traffic, but cannot send out traffic.
The reason I know this is that if I ping from my AWS to OPNsense I can see "Bytes in" increase, which means traffic is flowing into OPNsense, but nothing seems to go out from OPNsense, because if I ping from the OPNsense side to AWS, "Bytes out" does not change.
These are my current rules:
Firewall > Rules
WAN allow Port:TCP/UDP 500, 4500
IPsec allow Source: 172.31.0.0/16 to any
IPsec allow Source: 192.168.1.0/24 to any
LAN allow Proto: ICMP any any
This is what the OPNsense IPsec status page shows:
Time : 1375
Bytes in : 672
Bytes out : 0
Am I missing some firewall rule, or do I need to add any routes or NAT rules? Please help???
I have been stuck with this for over a week and it's driving me nuts.
Install Policy is enabled?
Sorry not sure what Install Policy is. Can you please explain what this is?
In Phase1 Tunnel config
OMG, you are a genius. Seriously, for 1 week I could not figure this out, and all it took was that one tip from you. I enabled "Install Policy" and now traffic is flowing both ways and pings are working. Thanks, I feel so happy right now!!
Honestly, I felt down all weekend because I could not get this to work. Thanks again mimugmail!!!
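An added check, not part of this thread: the "Bytes in" but no "Bytes out" symptom means the tunnel's SAs exist but no outbound kernel SPD entry tells the box to encrypt 192.168.1.0/24 -> 172.31.0.0/16, which is exactly what "Install Policy" creates. On OPNsense (FreeBSD) the SPD can be dumped with `setkey -DP`; the script below parses such a dump for the outbound policy. The two dumps are constructed samples in the `setkey -DP` layout, with placeholder peer addresses, not output from the poster's system.

```shell
#!/bin/sh
# Constructed sample of `setkey -DP` with Install Policy enabled:
# one outbound and one inbound SPD entry for the tunnel.
SPD_WITH_POLICY='192.168.1.0/24[any] 172.31.0.0/16[any] any
	out ipsec
	esp/tunnel/203.0.113.10-198.51.100.20/unique:1
	spid=2 seq=1 pid=4321
	refcnt=1
172.31.0.0/16[any] 192.168.1.0/24[any] any
	in ipsec
	esp/tunnel/198.51.100.20-203.0.113.10/unique:1
	spid=1 seq=0 pid=4321
	refcnt=1'

# Constructed sample with Install Policy disabled: the SPD is empty,
# so packets for the VPC leave in clear text via the default route.
SPD_WITHOUT_POLICY=''

# has_out_policy SRC DST: read setkey -DP text on stdin and exit 0 when an
# outbound "ipsec" policy whose selector is SRC -> DST exists, else exit 1.
has_out_policy() {
  awk -v src="$1" -v dst="$2" '
    # selector line looks like: "<src>[any] <dst>[any] <proto>"
    $1 == src"[any]" && $2 == dst"[any]" { sel = 1; next }
    # the line right after a matching selector carries the direction
    sel && $1 == "out" && $2 == "ipsec" { found = 1; exit }
    { sel = 0 }
    END { exit found ? 0 : 1 }'
}

# diagnose SPD_TEXT: apply the check to the LAN -> VPC pair from the thread.
diagnose() {
  if printf '%s\n' "$1" | has_out_policy 192.168.1.0/24 172.31.0.0/16; then
    echo "outbound SPD entry present: LAN traffic to the VPC is encrypted"
    return 0
  fi
  echo "no outbound SPD entry: enable Install Policy in the Phase 1 config"
  return 1
}

diagnose "$SPD_WITH_POLICY"
diagnose "$SPD_WITHOUT_POLICY"
```

On a live box, `setkey -DP | has_out_policy 192.168.1.0/24 172.31.0.0/16` runs the same check against the real SPD.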