Messages - mzaghouani

#1
Hello,

I have configured a syslog target in OPNsense which is located in its local network. Then I mentioned that there are many blocks against syslog traffic which is sourced from the OPNsense WAN interface. Those blocks are coming from the default deny rule on incoming traffic to the WAN interface. When I verify the logging/target configuration on OPNsense, there are no parameters about the source address that OPNsense should use when sending syslog messages.
Could anyone answer the question of why OPNsense sends syslog events to targets via its WAN interface?
Is there any possibility to change it to another interface (local interface)?
#2
First, I don't use a route for the target network concerning the VPN clients, but when I do a packet capture of the IPsec interface (in OPNsense) I can see the packets from the VPN client to the target (Cisco network), so the traffic can reach OPNsense but it is not actually forwarded to the target.
Second, I use IPsec for remote access VPN, so do you suggest that I change it for my case?
#3
Thanks pmhausen for your response.
VPN clients will use the tunnel to OPNsense to access the remote network behind Cisco because I have already added a second phase 2 entry in that tunnel.
I also NATed the remote access network to one address of the OPNsense local network which is part of the phase 2 entry of the site-to-site tunnel.
#4
Hello,

I have established a site-to-site tunnel between OPNsense (siteA) and a Cisco router (siteB) and I have access to the remote attached networks from both sites. I have also established a remote access VPN with OPNsense (siteB) and I also had access to the remote network directly attached to OPNsense (siteB).

Otherwise, I was aiming to access the network directly attached to the Cisco router (siteA) from the VPN client, which is, as I said previously, connected to OPNsense (siteB). So I decided to add a second phase 2 entry for the network attached to the Cisco router (siteA), and I added the virtual network address of the VPN client (which is configured in the mobile client params) in the field called 'manual SPD entries' of the phase 2 parameters of the site-to-site tunnel. Then I created an outbound NAT rule on the IPsec interface to NAT the VPN client address so that the traffic generated by the VPN client could pass through the site-to-site tunnel.

Unfortunately, after this configuration, I couldn't access the network directly attached to the Cisco router (siteA) from the VPN client.

Is there any suggestion on how I can change this configuration to finally reach the Cisco router site from my VPN client connected to the OPNsense site?