Routing a VLAN to VPN

Started by ybizeul, December 10, 2020, 12:43:10 AM

I have an extremely bizarre behaviour.

I configured VLAN 101 on my switches, and created an interface on OPNsense.
Configured DHCP server, all good.

Now, I added a rule for that VLAN interface "in" so that everything is ACCEPT, through the Gateway : (My VPN client interface).

I noticed that instead of listing the remote x.x.x.1 IP address, it lists the local x.x.x.2 IP address, seems odd to me.

Now to the bizarre part: anything I ping from the PC gets a ping reply from OPNsense itself. It could be 1.1.1.1 or any other IP; for some reason, OPNsense thinks the ping is for itself.

If I disable the rule that does the Gateway option, that behaviour stops.

OPNsense is replying to any request (I described ping, but if I actually go to http://1.2.3.4/ I end up on the OPNsense page).

What could cause a "catch-all" behavior ?

This is captured from OPNsense
23:25:42.513942 IP 10.101.0.100 > 1.1.1.1: ICMP echo request, id 29, seq 53, length 64
23:25:42.513976 IP 10.101.0.1 > 10.101.0.100: ICMP echo reply, id 29, seq 53, length 64


Now I also noticed that if on the VPN server I push push "redirect-gateway def1" then :
- The behaviour stops (but packets go through the default interface instead of the VPN)
- Now I get the .1 IP address in the Gateway menu.

Thanks for your help !

OPNsense 20.7.5-amd64
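
A way to check a longer capture for the symptom described above, as an added example that is not part of the original post: it pairs each ICMP echo request with its reply by client, id and seq, and reports replies whose source is not the address that was pinged. The function name and the last two capture lines are constructed for illustration; the first two lines are the ones quoted in the post.

```python
import re

# First two lines are from the post; the last two are constructed to show
# what a reply from the real destination looks like.
CAPTURE = """\
23:25:42.513942 IP 10.101.0.100 > 1.1.1.1: ICMP echo request, id 29, seq 53, length 64
23:25:42.513976 IP 10.101.0.1 > 10.101.0.100: ICMP echo reply, id 29, seq 53, length 64
23:25:43.514100 IP 10.101.0.100 > 1.1.1.1: ICMP echo request, id 29, seq 54, length 64
23:25:43.530200 IP 1.1.1.1 > 10.101.0.100: ICMP echo reply, id 29, seq 54, length 64
"""

# Matches tcpdump's one-line ICMP echo output as shown in the post.
LINE = re.compile(
    r"^(\S+) IP (\S+) > (\S+): ICMP echo (request|reply), id (\d+), seq (\d+),"
)


def mismatched_replies(text):
    """Return echo replies whose source differs from the pinged address."""
    pending = {}   # (client, icmp id, seq) -> address the client pinged
    findings = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not an ICMP echo line, ignore
        ts, src, dst, kind, icmp_id, seq = m.groups()
        if kind == "request":
            pending[(src, icmp_id, seq)] = dst
            continue
        # A reply: look up the request it answers (client is the reply's dst).
        pinged = pending.pop((dst, icmp_id, seq), None)
        if pinged is not None and pinged != src:
            findings.append({"time": ts, "client": dst, "pinged": pinged,
                             "answered_by": src, "seq": int(seq)})
    return findings


if __name__ == "__main__":
    for f in mismatched_replies(CAPTURE):
        print(f"{f['time']} seq {f['seq']}: {f['client']} pinged "
              f"{f['pinged']} but {f['answered_by']} answered")
```
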