OPNsense Forum

English Forums => 18.7 Legacy Series => Topic started by: NicoRC on November 15, 2018, 05:47:28 pm

Title: IPSEC, LAN and Default deny rule
Post by: NicoRC on November 15, 2018, 05:47:28 pm
Hello,

I have 2 OpnSense connected by an IpSec VPN.

The lan net of the first OpnSense is 192.168.10.0/24
The lan net of the second OpnSense is 192.168.20.0/24

The VPN works but I have a problem with the connections that are in the "In" directions:

Interface   Dir      Time                       Source                         Destination                 Proto   Label   
lan            In        Nov 15 17:31:31   192.168.20.21:49677   192.168.10.35:58034    tcp      Default deny rule
lan            Out      Nov 15 17:31:25   192.168.10.35:58107   192.168.20.21:49677    tcp      let out anything from firewall host itself   

This log is from the OpnSense on the 192.168.20.0/24 lan.
As you can see, the "In" connection is denied by the "Default deny Rule" and the "Out" connection is allowed.

I have tried to create a firewall rule on the lan to allow from 192.168.10.0/24 but it does not work.

Proto      Source                Port    Destination      Port   Gateway   
IPv4 *   192.168.10.0/24   *      192.168.20.0/24   *       *            
   
Can you help me to find a solution?

Nicolas