OPNsense Forum

Title: Routing issue over IPsec VTI with BGP
Post by: r.laffont on April 15, 2026, 04:49:46 PM
Hi everyone,

I have set up an IPsec tunnel between an OPNsense firewall and a Sophos firewall using VTI.
From the OPNsense VTI interface, I can successfully ping the Sophos VTI IP and vice versa.

I have initiated a BGP session between these two interfaces, and I can see the routes being exchanged on both firewalls.

However, from a PC behind the OPNsense, I am unable to ping or run a traceroute to the Sophos LAN interface.
I have already created the necessary firewall rules to allow traffic on both sides.

Thank you in advance for your help.
Romain

Title: Re: Routing issue over IPsec VTI with BGP
Post by: Seimus on April 16, 2026, 01:36:29 PM
Does the Sophos have the route back to the PC behind OPNsense?
Does the Sophos know how to route back to the PC?

Regards,
S.