OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: dangxian on October 22, 2018, 05:22:32 pm

Title: static routes through interface not gateway
Post by: dangxian on October 22, 2018, 05:22:32 pm: Hello everybody,

I have a question about static routes

My use case seems to require a route setup through an interface not a gateway.
Currently i had to setup this route using the shell :

route add 169.254.255.253/32 -iface enc0
route add 169.254.255.254/32 -iface enc0

Is there a way to setup this kind of static route using the web interface, it seems that only routes with gateway are possible to define, not routes trhough interface.
If it's not possible, how to define these routes permanently at each reboot and opnsense update and upgrade ?

Regards

OPNsense 18.7.4-amd64
Title: Re: static routes through interface not gateway
Post by: franco on October 23, 2018, 06:10:15 pm: Hi dangxian,

enc0 routing is not supported by the kernel due to the trust model of IPsec itself.

There's only room for phase 2 networks (remote) and manual SPD entries (local) that you want to be able to push through.

There's also if_ipsec in FreeBSD since 11.1 that can help with routing in the way you want it, but it still requires proper phase 2 setup and is not yet implemented in OPNsense.

Cheers,
Franco
Title: Re: static routes through interface not gateway
Post by: dangxian on November 05, 2018, 12:03:29 pm: Hi Franco,

thank you for this clear and technical reply.

Regards,

Dangxian

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy