OPNsense Forum

English Forums => General Discussion => Topic started by: s313j on September 23, 2023, 04:40:49 pm

Title: IPsec Trouble
Post by: s313j on September 23, 2023, 04:40:49 pm
I am new to OPNsense. I have multiple houses connected with IPsec tunnels. I am having trouble with my IPsec rules. I am seeing blocked traffic in the firewall log; however, I believe my rules are correct? I can ping, but I can't get any webpages or GUIs of remote devices to load normally. They either are very slow (like minutes) or load a very basic text GUI, which is not correct. This is happening between all my site-to-site connections. I also created an all rule to attempt to narrow down the cause, but it still does not want to allow it.

This setup was working previously with UniFi IPsec at both locations. I am slowly trying to switch over to OPNsense.

Any suggestions on a rule to match this traffic?

Title: Re: IPsec Trouble
Post by: Monviech on September 24, 2023, 07:04:49 pm
Two things come to my mind that you can investigate:
- MTU and MSS issues
https://networkcanuck.com/2013/06/10/troubleshooting-mtu-size-over-ipsec-vpn/
- Asymmetric routing with TCP traffic
https://docs.netgate.com/pfsense/en/latest/troubleshooting/asymmetric-routing.html