Hello,
I'm running the latest release of OPNsense v25.1.5. I have 4 tunnels configured using the legacy IPSec and was able to transferred them over to the new Connections and disabled the tunnels in legacy.
One of the tunnel I'm having issues which has two child objects
My FW: "192.168.2.5/32"
Other FW: "10.168.9.1/32 and 172.2.2.1/32"
I can only connect to the first Child "10.168.9.1" if I change the config and use "172.2.2.1" as first Child it will connect and "10.168.9.1" will be dropped. I have tried adding both tunnel IP into 1 child object but still the same issue only the first will connect.
I don't have this issue when using the legacy tunnel which is nearing the EOL.
For time being I have enabled legacy for "172.2.2.1" and connection for the "10.168.9.1"
Can someone please provide some help. I'm lost.
Quote from: niravopn23 on May 06, 2025, 05:56:28 PMOne of the tunnel I'm having issues which has two child objects
My FW: "192.168.2.5/32"
Other FW: "10.168.9.1/32 and 172.2.2.1/32"
Try to put both into a single child.
I already tried that but same issue, only the first IP gets connected.
Can anyone please provide some help?
Did you ever get this reolved, same issue and ended up having child objects for each.
Quote from: guyp2k on May 18, 2025, 05:47:07 AMDid you ever get this reolved, same issue and ended up having child objects for each.
Unfortunately no, I have tried separate child object and only first child obj will connect. If you got it working can you provide some guidance. Currently I have legacy tunnel for one child obj and new connections for the second.
Thank you
Hello all,
today I wanted to built up a tunnel in a similar scenario, where there are multiple Remote networks in one child SA. I also get only one SA with one of the Remote Networks established. What for a limitation is this? Is there a solution for this? Otherwise we will not be able to use OPNSense for our customers.... This is a common scenario that needs to work.
Any feedback appreciated!