Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
[SOLVED] IPsec Stealing Traffic.
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] IPsec Stealing Traffic. (Read 1736 times)
opnsense@dkeith.com
Newbie
Posts: 12
Karma: 0
[SOLVED] IPsec Stealing Traffic.
«
on:
June 23, 2021, 11:09:15 pm »
version 21.1.7
Lan lost of connections to networks all behind 10.0.0.0/8
Head office (Draytek 2962)
Wan
Internet
|
IPSEC vpn Lan to Lan 10.0.0.0/8 - 10.14.182.0/24
|
Internet
WAN
opnsense (21.1.7 in the cloud on esxi)
Lan1 10.14.182.1/28 (Firewall ipv4 any to any)
Lan2 10.14.182.128/28 (Firewall ipv4 any to any)
Lan3 10.14.182.144/28 (Firewall ipv4 any to any)
IPSEC (Firewall ipv4 any to any)
As soon as the vpn comes up I lose connectivity between between the lan interfaces on the opnsense
(Testing from a pc on lan 1 , lose ping to lan2 and lan 3 interfaces)
My expectation is the routing table takes priority, routing out local interfaces first before sending out the wan where it is vpned back to head office.
10.0.0.0/8 should be lower priority than a local 10.141.182.1/28 Interface
Is the vpn capturing the traffic before it hits the routing table ?
I have tried with individual phase 2 for each Lan interface which did not help.
Have I done something incorrect.
Hopefully I don't need to create individual phase 2 for all the network hiding behind the head office 10.0.0.0/8
Any guidance welcomed.
Thanks
«
Last Edit: June 24, 2021, 09:12:04 am by opnsense@dkeith.com
»
Logged
juere
Jr. Member
Posts: 91
Karma: 8
Re: IPsec Stealing Traffic.
«
Reply #1 on:
June 23, 2021, 11:23:22 pm »
I think entering 10.14.182.0/24 under VPN -> IPSEC -> Advanced Settings -> Passthrough networks should do the trick
Logged
opnsense@dkeith.com
Newbie
Posts: 12
Karma: 0
Re: IPsec Stealing Traffic.
«
Reply #2 on:
June 24, 2021, 09:11:05 am »
Well that was easy when you know how
Spent about a week looking at this and wondering why I could not ping the firewall lan interfaces, then yesterday found out it was the ipsec vpn.
now it is all working as required.
Thankyou for the pointer.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
[SOLVED] IPsec Stealing Traffic.