Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Site2Site IPsec connecting 2 corporate networks
« previous
next »
Print
Pages: [
1
]
Author
Topic: Site2Site IPsec connecting 2 corporate networks (Read 2109 times)
Akitoo
Newbie
Posts: 5
Karma: 0
Site2Site IPsec connecting 2 corporate networks
«
on:
October 30, 2020, 10:25:18 am »
We tried to set up a Site2Site connection with IPsec in OPNsense, however after many days of trial and error it just wouldn't work.
We were given an IPsec configuration, put that into OPNsense and made, as far as we knew, all necessary changes, to make it work. The farthest we got is, that we were able to ping the other side, but its responses didn't arrive back. We tried a lot of different possibilities, but they did not work and to this day, we don't know too precisely what exactly the error was and why it did not work.
Due to trying to avoid the sunk cost fallacy, we wanted to get it to work, so we just set up an empty Linux server, installed the IPsec configuration, just as we did in OPNsense, and added a single firewall rule:
Code:
[Select]
iptables -t nat -A postrouting -j MASQUERADE
Now it just works, without any issues.
Obviously, we are not networking experts (we both are mainly Software Engineers and similar positions). That's why you can maybe help us deduct, what went wrong with the installation of this scenario through OPNsense and how I could possibly fix it (the other one gave up on OPNsense, due to the frustration arising from this issue). I think there is only one small bit missing from the setup in OPNsense, that's why I don't just want to let it go and be damned.
P.S.: To add to the misery, we have extensive knowledge of Linux, but only beginner knowledge at most with *BSD.
Logged
leyoda
Newbie
Posts: 1
Karma: 0
Re: Site2Site IPsec connecting 2 corporate networks
«
Reply #1 on:
January 15, 2021, 06:55:16 am »
Finally, did you find the solution with Opnsense alone?
Did you have solutions to your questions about it?
Regards
Leyoda
Logged
Akitoo
Newbie
Posts: 5
Karma: 0
Re: Site2Site IPsec connecting 2 corporate networks
«
Reply #2 on:
January 15, 2021, 01:47:19 pm »
Nobody helped us here and nobody who wanted to help had an idea about OPNsense. We tried and tried to make this work in so many ways, but it did not. We had a time limit, so we had to make it work, no matter what.
That's why we followed a generic CLI-only guide for setting up the connection and we settled with that for now.
OPNsense did not help us, this time.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Site2Site IPsec connecting 2 corporate networks