Topic: Routed s2s question (Read 1496 times)
oliba (Newbie, Posts: 6, Karma: 0)
Routed s2s question « on: January 18, 2021, 07:55:43 am »
Dear OPNsense friends,
I set up routed IPsec site-to-site and my IPsec tunnel is up and running. The Site A LAN connects to my CoreSwitch and the route is added OK.
But I can't connect from 10.0.1.0/24 to 192.168.99.2 (Site B FW). On the CoreSwitch, the route (route add 192.168.99.0/24 gw 10.0.9.2) is added. Ping or tracert is denied; with HTTP there is no log message. How do I set it to allow 10.0.1.0/24 to pass to the Site B LAN?
Site A
wan 1.2.3.4
lan 10.0.9.2/24
Tunnel network 172.18.18.1
Site B
wan 4.3.2.1
lan 192.168.99.2/24
Tunnel network 172.18.18.2
Live Log Message:
LAN Jan 15 11:04:21 10.0.1.23 192.168.99.2 icmp Default deny rule
LAN Jan 15 11:04:16 10.0.1.23 192.168.99.2 icmp Default deny rule
Gauss23 (Hero Member, Posts: 766, Karma: 39)
Re: Routed s2s question « Reply #1 on: January 18, 2021, 08:58:13 am »
According to your live log messages you need to add a firewall rule on the LAN interface to allow traffic from 10.0.1.0/24 to 192.168.99.0/24.
And on the OPNsense Site B you need a firewall rule on the IPsec group to allow traffic from 10.0.1.0/24 to 192.168.99.0/24, too.
„The S in IoT stands for Security!“
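A simplified model of the rule evaluation behind the two rules suggested above, as an added example that is not part of the original thread and not OPNsense's own code: it replays the posted live log lines against constructed rule sets before and after the change. The rule tuples, the assumed default "LAN net to any" allow rule on Site A, and all function names are illustrative assumptions.

```python
import ipaddress
import re

# Constructed rule sets: (interface, source network, destination network).
# Assumption: Site A only has a default allow rule for its own LAN subnet.
SITE_A_BEFORE = [("LAN", "10.0.9.0/24", "0.0.0.0/0")]
SITE_A_AFTER = SITE_A_BEFORE + [("LAN", "10.0.1.0/24", "192.168.99.0/24")]
SITE_B_AFTER = [("IPsec", "10.0.1.0/24", "192.168.99.0/24")]

# Live log lines copied from the original post.
LIVE_LOG = """\
LAN Jan 15 11:04:21 10.0.1.23 192.168.99.2 icmp Default deny rule
LAN Jan 15 11:04:16 10.0.1.23 192.168.99.2 icmp Default deny rule
"""

LOG_RE = re.compile(
    r"^(?P<iface>\S+) \w{3} +\d+ [\d:]+ (?P<src>\S+) (?P<dst>\S+) "
    r"(?P<proto>\S+) (?P<label>.+)$"
)

def parse_live_log(text):
    """Return (interface, src, dst, proto, label) for each parsable log line."""
    return [m.group("iface", "src", "dst", "proto", "label")
            for m in map(LOG_RE.match, text.splitlines()) if m]

def evaluate(rules, iface, src, dst):
    """Pass if an allow rule on the ingress interface matches, else default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r_iface, r_src, r_dst in rules:
        if (r_iface == iface and s in ipaddress.ip_network(r_src)
                and d in ipaddress.ip_network(r_dst)):
            return "pass"
    return "Default deny rule"

def trace(site_a_rules, site_b_rules, src, dst):
    """Verdict at each hop: Site A LAN ingress, then Site B IPsec ingress."""
    hops = [("Site A LAN", evaluate(site_a_rules, "LAN", src, dst))]
    if hops[0][1] == "pass":
        hops.append(("Site B IPsec", evaluate(site_b_rules, "IPsec", src, dst)))
    return hops

if __name__ == "__main__":
    for iface, src, dst, proto, label in parse_live_log(LIVE_LOG):
        print(iface, src, dst, proto, "logged:", label)
        print("  before:", trace(SITE_A_BEFORE, [], src, dst))
        print("  after: ", trace(SITE_A_AFTER, SITE_B_AFTER, src, dst))
```

The source 10.0.1.23 sits behind the core switch and is outside Site A's own LAN subnet (10.0.9.0/24), so in this model nothing matches it until the explicit LAN rule is added, and Site B still drops it until the IPsec rule exists.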
oliba (Newbie, Posts: 6, Karma: 0)
Re: Routed s2s question « Reply #2 on: January 19, 2021, 04:51:06 am »
Thank you for your explanation; I set it up successfully.