OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: NicoRC on November 15, 2018, 05:47:28 pm

Title: IPSEC, LAN and Default deny rule
Post by: NicoRC on November 15, 2018, 05:47:28 pm: Hello,

I have 2 OpnSense connected by an IpSec VPN.

The lan net of the first OpnSense is 192.168.10.0/24
The lan net of the second OpnSense is 192.168.20.0/24

The VPN works but I have a problem with the connections that are in the "In" directions:

Interface   Dir     Time                    Source                    Destination              Proto   Label
lan           In        Nov 15 17:31:31   192.168.20.21:49677   192.168.10.35:58034    tcp      Default deny rule
lan           Out      Nov 15 17:31:25   192.168.10.35:58107   192.168.20.21:49677    tcp      let out anything from firewall host itself

This log is from the OpnSense on the 192.168.20.0/24 lan.
As you can see, the "In" connection is denied by the "Default deny Rule" and the "Out" connection is allowed.

I have tried to create a firewall rule on the lan to allow from 192.168.10.0/24 but it does not work.

Proto      Source           Port Destination      Port   Gateway
IPv4 *   192.168.10.0/24   *      192.168.20.0/24   *     *

Can you help me to find a solution?

Nicolas

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy