OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: stssteffen on March 28, 2019, 01:30:03 pm

Title: Security Policy Database empty / ipsec no traffic going out
Post by: stssteffen on March 28, 2019, 01:30:03 pm
Hello all,

Yesterday I migrated a customer's firewall from pfSense to OPNsense.

OPNsense 19.1.4-amd64
FreeBSD 11.2-RELEASE-p9-HBSD
OpenSSL 1.0.2r 26 Feb 2019.

The customer is using several IPsec site-to-site connections. On the OPNsense, all connections are coming up and traffic is reaching the hosts inside the network through the tunnel. But no traffic is leaving the OPNsense through the tunnel back to the remote sites.
I noticed that the Security Policy Database stays empty.

Are there any hints?

Title: Re: Security Policy Database empty / ipsec no traffic going out
Post by: AdSchellevis on March 28, 2019, 01:55:00 pm
Hi,

Can you check if "Install policy" in your phase 1 is checked? The default should be checked but wasn't in this version; this will be fixed in the next one.

Best regards,

Ad

Reference commit: https://github.com/opnsense/core/commit/8b8bbc3bc73c78b536a7bd3e83dcf22e490c1678
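
A check for the symptom discussed in this thread, as an added example that is not part of the original posts or of OPNsense itself: it parses a security policy dump in the layout `setkey -DP` prints on FreeBSD and lists the inbound and outbound policies each phase 2 network pair should have but lacks. The sample dumps, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample, modelled on the layout `setkey -DP` prints on FreeBSD.
SAMPLE_OK = """\
10.1.0.0/24[any] 10.2.0.0/24[any] any
\tin ipsec
\tesp/tunnel/203.0.113.2-198.51.100.1/unique:1
\tspid=1 seq=1 pid=4242 scope=global
10.2.0.0/24[any] 10.1.0.0/24[any] any
\tout ipsec
\tesp/tunnel/198.51.100.1-203.0.113.2/unique:1
\tspid=2 seq=0 pid=4242 scope=global
"""
# What the dump looks like when no policy was installed (constructed).
SAMPLE_EMPTY = "No SPD entries.\n"

# Selector line: "src[port] dst[port] proto", starting in column 0.
SELECTOR = re.compile(r"^(\S+?)\[[^\]]*\]\s+(\S+?)\[[^\]]*\]\s+\S+")
# Indented line that follows it: direction and policy type.
DIRECTION = re.compile(r"^\s+(in|out|fwd)\s+(ipsec|none|discard)\b")

def parse_spd(text):
    """Return a set of (direction, src_net, dst_net) for ipsec policies."""
    policies, selector = set(), None
    for line in text.splitlines():
        m = SELECTOR.match(line)
        if m:
            selector = (m.group(1), m.group(2))
            continue
        m = DIRECTION.match(line)
        if m and selector and m.group(2) == "ipsec":
            policies.add((m.group(1), *selector))
    return policies

def missing_policies(text, tunnels):
    """tunnels: iterable of (local_net, remote_net) phase 2 pairs.
    Returns the in/out policies each tunnel needs but the SPD lacks."""
    have = parse_spd(text)
    want = set()
    for local, remote in tunnels:
        want.add(("out", local, remote))  # replies leaving through the tunnel
        want.add(("in", remote, local))   # traffic arriving from the remote site
    return sorted(want - have)

if __name__ == "__main__":
    tunnels = [("10.2.0.0/24", "10.1.0.0/24")]  # hypothetical phase 2 pair
    for name, dump in (("ok", SAMPLE_OK), ("empty", SAMPLE_EMPTY)):
        print(name, missing_policies(dump, tunnels))
```

A missing `out` entry matches the behaviour reported above: the tunnel is up and inbound packets arrive, but replies are not sent back through it.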

Title: Re: Security Policy Database empty / ipsec no traffic going out
Post by: stssteffen on March 28, 2019, 02:05:50 pm
:D This was the trick... it was unchecked.

Thank you very much for your quick reply and the solution.