I got :
arm1 - Opnsense1 - gw - Opnsense2 - arm2
When I try to ping from arm1 to arm2, I see messages about lost packets: Time to live exceeded
From arm2 I can ping the WAN interface of Opnsense2, 10.8.10.6/30, but can't ping the 10.8.10.5/30 interface of gw.
Maybe you know where I should check something?
Maybe you need to unblock private networks in your Interface: [WAN] configurations?
Cheers,
Franco
Unlocked private and bogon networks and disabled all packet filtering.
Will it work if I use the OPNsenses without an Internet connection? I connect them through gw (Debian):
(http://itsecforu.ru/wp-content/uploads/2017/08/nwdiag-48a3e232b63102dcd2b78fbbd64a8eb78bbda453.png)
and I use gw for the WAN interfaces, with the IP addresses 192.168.2.150 and 10.8.10.5 respectively. Would it work correctly?
In the file /etc/defaults/rc.conf:
gateway_enable = "NO"
Is it ok?
Now I fixed it. :D The problem was with the IP address on Debian.
But now I've got another one :D
I can ping the remote OPNsense's WAN interface but can't ping the LAN. Any ideas how to tune it?
Do I surely need to make Firewall Rules Site A & Site B to use IPsec, or can I disable all packet filtering?
I mean: do I need to make firewall rules the way you show it in the tutorial, or can I disable it and IPsec will work?