21.1 Legacy Series / Re: Routed IPSec BGP Invalid
« on: April 14, 2021, 07:17:23 pm »
Heya! No, sadly I couldn't get it to work. I redeployed to use tunnel / policy instead as a workaround.
Before I gave up I noticed the lack of a route to the VPNGW and added a static route for the VPN gateway - would that not have solved the problem? I also tried modifying the tunnel addresses to be the local IPs (LAN IP local, VPN GW IP for Azure); that didn't seem to work either, even though BGP data was exchanged. Baffled as to what happened - as this all worked previously.
Not sure if it's related, but there was this discussion regarding route-based IPSEC connections on GitHub: https://github.com/opnsense/docs/pull/279#pullrequestreview-632969636