Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPsec vpn routed site-to-site doesn't allow traffic outside opnsense
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPsec vpn routed site-to-site doesn't allow traffic outside opnsense (Read 1068 times)
defaultuserfoo
Full Member
Posts: 191
Karma: 7
IPsec vpn routed site-to-site doesn't allow traffic outside opnsense
«
on:
May 29, 2022, 01:04:32 pm »
Hi,
I have two IPsec connections to Ubiquity EdgeRouters to an OPNsense router, and it is not possible to ping remote devices through the VPN from devices on the LAN at the OPNsense side. It is possible to ping remote devices from the OPNsense router itself, so the connection is definitely up, only the traffic doesn't make it beyond the router. RDP connections to remote devices aren't possible, either.
I can see outgoing icmp packets being sent to the remote device from the LAN in the firewall log and don't see responses despite the ping is successful.
I have another connection to one of these EdgeRouters from another OPNsense router at a different location which works fine. The VPN setups on the two OPNsense routers are basically the same.
What could be the problem; how can I reach the remote devices?
Logged
defaultuserfoo
Full Member
Posts: 191
Karma: 7
Re: IPsec vpn routed site-to-site doesn't allow traffic outside opnsense
«
Reply #1 on:
May 29, 2022, 03:55:57 pm »
I had to add a route to the remote network on one of the EdgeRouters after I made a packet capture on OPNsense and found that no responses were coming back. Something must be buggy somewhere ...
PS:
The other EdgeRouter had also the route missing. Has there been some change in OPNsense 22.1.8_1 that might prevent the remote endpoint from creating a route to the networks on the OPNsense site?
«
Last Edit: May 29, 2022, 05:46:24 pm by defaultuserfoo
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPsec vpn routed site-to-site doesn't allow traffic outside opnsense