24.7 Production Series / Re: 24.7.2 dropped WAN Rules for VPN
« on: August 25, 2024, 03:48:52 am »
I spent the better part of the day today trying to get my VTI tunnels back up. Even after manually adding the VPN rules back to the WAN interfaces, nothing would work. It was very strange, because on each end of the tunnel I could see traffic make it in from the other side, but never going back out. Each firewall could ping the tunnel interface of the other, but get no farther.
What has made it work (for now) is changing the IP address of the VPN Gateway I had created to anything other than the IP addresses of the virtual tunnel interfaces. Policy routing works again, even though the tunnel gateway is now totally bogus on each side of the connection.
Edit... Which seems to be because somehow in all the confusion the gateway interfaces ended up pointing to themselves, not the other side of the tunnel.