Hello,
I have been running a dual-stack IPsec connection between two sites for quite some time. Both sides run OPNsense BE. The IKEv2 policy-based tunnel runs on IPv4 transport and has two phases, one for IPv4 and another one for an IPv6 subnet.
After updating both sides to OPNsense Business Edition 22.04, IPv6 between these sites suddenly stopped working. I checked every setting, rules and phases, sniffed several interfaces and found something strange in that process. My first thought was that strongSwan is not sending anything at all, but then I found that everything I send reaches the remote site's server and the response reaches my local firewall; I can see responses on enc0, but they never reach my local LAN. I temporarily set an allow rule for everything that comes in on IPsec, but no luck, traffic is stuck in the firewall.
I have a second tunnel based on ZeroTier to another site that works fine with IPv4 and IPv6. I have an IKEv2 Mobile IPsec connection on my local firewall that works fine, both IPv4 and IPv6.
What can possibly block incoming IPv6 traffic that comes through that IPsec tunnel? I see responses on enc0, but they never reach my LAN. It all worked well on the previous version.
I am a bit lost here.