Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
IPsec VPN on a virtual IP Interface
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPsec VPN on a virtual IP Interface (Read 2111 times)
BOSSJoe
Newbie
Posts: 38
Karma: 2
IPsec VPN on a virtual IP Interface
«
on:
March 30, 2020, 02:00:03 pm »
Hi, everybody,
we have here in our lab an OPNsense Firewall with the latest software.
There are three ports (LAN, WAN, VPN). At the WAN port our ISP has switched us a total of 5 usable external IP addresses.
The first of these IP addresses uses our WAN interface directly. Another one I would like to use to set up an IPsec VPN. Unfortunately I seem to miss something.
I have entered the additional IP as a virtual IP and selected it as interface in the IPsec settings. After that I checked the firewall rules of the WAN interface. Unfortunately the VPN rules do not seem to be created automatically. Therefore I created them manually.
But I still can't get a tunnel.
Does anyone have an idea what else I could look at?
BTW. Another IPsec VPN which is directly on the WAN interface works fine. There the firewall rules are created automatically.
Thanks a lot
Greeting
Joe
Logged
banym
Sr. Member
Posts: 468
Karma: 31
Free Human Being, FreeBSD, Linux and Mac nerd
Re: IPsec VPN on a virtual IP Interface
«
Reply #1 on:
March 30, 2020, 02:47:33 pm »
Please share the configuration details via Screenshot, the log error you get in IPsec and the rules on WAN.
Common problems with this type of configuration are missmatching IDs or missing or wrong rules.
Logged
Twitter: banym
Mastodon: banym@bsd.network
Blog:
https://www.banym.de
BOSSJoe
Newbie
Posts: 38
Karma: 2
Re: IPsec VPN on a virtual IP Interface
«
Reply #2 on:
March 30, 2020, 05:06:15 pm »
Hello,
thank you for the quick response.
I would like to make the screenshots for you. However, this is already almost productive and I would have to make almost all relevant information unrecognizable.
However, I have the tunnel running now (my counterpart on the second site has initiated the connection). However, I can't get it to the remote network to be routed.
A traceroute shows that the default gateway is taken.
What could be the reason for this?
Thanks a lot
Greeting
Joe
Logged
banym
Sr. Member
Posts: 468
Karma: 31
Free Human Being, FreeBSD, Linux and Mac nerd
Re: IPsec VPN on a virtual IP Interface
«
Reply #3 on:
March 30, 2020, 05:58:48 pm »
Maybe you only have phase 1 up and running but not phase 2.
Logged
Twitter: banym
Mastodon: banym@bsd.network
Blog:
https://www.banym.de
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
IPsec VPN on a virtual IP Interface