Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec packets go out the wrong interface [BUG in v22.7?]
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSec packets go out the wrong interface [BUG in v22.7?] (Read 775 times)
WEHA
Newbie
Posts: 3
Karma: 0
IPSec packets go out the wrong interface [BUG in v22.7?]
«
on:
October 29, 2022, 01:16:25 pm »
--- "fixed" by downgrading to 22.1 ---
I have 2 wan interfaces:
- WAN via DHCP (router in bridge mode)
-- Gateway has prio 32, upstream gateway selected
- WAN via ISP router on an interal subnet, Router has the firewall set as an exposed host / dmz host
-- Gateway has prio 12, upstream gateway not selected
I exported the config from a hardware appliance to a VM (also update from 22.7.5 to 22.7.6), since then, ipsec traffic only goes out the interface with the default route.
There are tunnels on both interfaces and only the ones on the default gateway work.
I checked this with tcpdump because I don't see anything in the firewall log in the GUI.
If I init the ipsec from the remote side, I see the traffic coming in on the correct interface but no reply on the same interface is given.
Sometimes I see traffic going out the correct interface, but no connection can been established.
(un)Ticking Disable force gateway has no effect
I also tried Disable Auto-added VPN rules and making my own rules, no change.
I'm at a loss what the problem could be.
Any other communication (lan -> wan) goes out the correct interface.
i checked the gateway configuration with the hardware firewall and it looks the same.
«
Last Edit: October 30, 2022, 09:43:39 am by WEHA
»
Logged
WEHA
Newbie
Posts: 3
Karma: 0
Re: IPSec packets go out the wrong interface
«
Reply #1 on:
October 29, 2022, 03:17:44 pm »
Also tried this and it does not work if that interface is not default gateway: curl --interface igb1_vlan3 --ipv4
https://url
...
It just does not want to use the gateway of that interface.
Logged
WEHA
Newbie
Posts: 3
Karma: 0
Re: IPSec packets go out the wrong interface
«
Reply #2 on:
October 30, 2022, 09:42:42 am »
I reverted back to the hardware appliance and now it does not work anymore either...
I installed the 22.1 version again, restored backup, everything works..
When I compare the 2 configuration xml files there is no difference so I'm guessing this is a bug.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec packets go out the wrong interface [BUG in v22.7?]