1
20.1 Legacy Series / IPSEC tunnel config changes Opnsense host IP in /etc/hosts
« on: May 15, 2020, 02:04:51 am »
Hello. I hope everyone is safe and well at this troubling time. I'm so grateful for the functionality of Opnsense, thank you.
So this seems like a weird one to me but I cannot figure out how to stop it happening.
I have a LAN on 10.23.21.0/24 and a routed IPSEC tunnel into Azure. The tunnel IPs are 10.111.1.1 locally and 10.111.1.2 at the Azure end.
Opnsense is configured on the LAN as 10.23.21.1 and of course that's what I'd like opnsense locally to ping.
After adding the IPSEC tunnel recently though I became aware that suddenly the opnsense hostname was resolving to clients on the LAN as 10.111.1.1 (the IP of the local IPSEC tunnel end). Disabling the phase 2 IPSEC configuration returns things to normal.
After fiddling I finally found that the opnsense IP address is being changed in /etc/hosts. This doesn't seem right to me. For now I have used an override in DNSmasq to get local clients resolving opnsense to 10.23.21.1 again but really I'd like to get /ets/hosts back to normal.
Thanks so much and sorry if this is a dumb question or I've missed out something you need to know,
Charlie
So this seems like a weird one to me but I cannot figure out how to stop it happening.
I have a LAN on 10.23.21.0/24 and a routed IPSEC tunnel into Azure. The tunnel IPs are 10.111.1.1 locally and 10.111.1.2 at the Azure end.
Opnsense is configured on the LAN as 10.23.21.1 and of course that's what I'd like opnsense locally to ping.
After adding the IPSEC tunnel recently though I became aware that suddenly the opnsense hostname was resolving to clients on the LAN as 10.111.1.1 (the IP of the local IPSEC tunnel end). Disabling the phase 2 IPSEC configuration returns things to normal.
After fiddling I finally found that the opnsense IP address is being changed in /etc/hosts. This doesn't seem right to me. For now I have used an override in DNSmasq to get local clients resolving opnsense to 10.23.21.1 again but really I'd like to get /ets/hosts back to normal.
Thanks so much and sorry if this is a dumb question or I've missed out something you need to know,
Charlie