OPNsense Forum
English Forums => Virtual private networks => Topic started by: maurotb on March 04, 2022, 09:10:19 am
-
Hi,
We have made a point-to-point IPsec tunnel. In my firewall rules under IPsec I have an autogenerated rule "IPsec internal host to host" that permits all IPv4/IPv6 for outbound packets.
I added a rule with deny IP, direction in.
The remote site cannot ping my site. OK, good.
Now if I ping an IP at the other site, OPNsense makes a row in the state table, and now the remote site can ping me from this IP.
Why?
Thanks