Site A: 10.10.0.0/16, gateway=10.10.0.254
Site B: 10.20.0.0/16, gateway=10.20.0.254
I have an IPsec tunnel set up between two sites that is working well. Both sites can go online via their own Internet connection, and I can reach all devices from both sites.
Now for one device (10.10.0.100) on site A I would like to route the traffic over the IPsec tunnel and go to the Internet via site B.
I added these lines:
Site A: System/Gateways/Configuration: name=OPNsenseB, int=WAN, gateway=10.20.0.254
Site A: Firewall/rules/LAN: source=10.10.0.100, prt+dest+dest port=*, gateway=10.20.0.254 (as the first line)
Site B: Firewall/NAT/Outbound: interface=WAN, source=10.10.0.100/32, source+dest+dest port=*
However, this does not work. Traffic from 10.10.0.100 still goes outside via site A's WAN (!). If I change the firewall rule for 10.10.0.100 to block instead of pass, then 10.10.0.100 has no connectivity anymore - so that line is really used.
What am I doing wrong? Thanks!