Hi there,
I have a weird issue. Consider this simple setup:
+----------------+  MGTNET1  +-------------------+
|                +-----------+                   |
|  Linux Box 01  |           |  OPNsense Box 01  |
|                +-----------+      Site 01      |
+----------------+  SVCNET1  +-------------------+
                               MGT||     SVC||
                               TUN||     TUN||
                                  ||        ||
                                  ||        ||
                                  ||        ||
                                  ||        ||
                                  ||        ||
+----------------+  MGTNET2  +-------------------+
|                +-----------+                   |
|  Linux Box 02  |           |  OPNsense Box 02  |
|                +-----------+      Site 02      |
+----------------+  SVCNET2  +-------------------+
Symptoms:
* Linux box 01 can reach OPNsense Box 01 (Ping/SSH/...) on MGTNET1
* Linux box 01 has a routing table entry to reach MGTNET2 (Gateway: MGTNET1 interface on OPNsense box 01).
* However, Linux box 01 can't reach Linux Box 02 (Ping/SSH/...)
* Nevertheless OPNsense box 01 can reach Linux Box 02 (Ping/SSH/...) via MGTTUN (OpenVPN)
* Ping packets originating from Linux box 01 arrive on MGTNET1 interface of OPNsense Box 01 (TCPdump -i MGTNET1)
* However, the ICMP/ping packets originating from Linux box 01 are not forwarded to the MGTTUN interface of OPNsense Box 01 (TCPdump -i MGTTUN). In fact, I've checked all the other interfaces on OPNSense Box 1 (using TCPdump) to see whether the ICMP/ping packets disappear to somewhere else, but they appear on no other interface at all :o
* Pinging Linux host 2 from Linux host 1 via the SVC* Links works as expected.
Any help/pointer would be greatly appreciated.
Best,
KiwiEater
Hi there,
sorry to bother... it was a missing firewall rule.
:-[ Embarrassed...
Best,
KiwiEater