IPsec Trouble

Started by s313j, September 23, 2023, 04:40:49 PM

I am new to OPNsense. I have multiple houses connected with IPsec tunnels. I am having trouble with my IPsec rules. I am seeing blocked traffic in the firewall log; however, I believe my rules are correct? I can ping, but I can't get any webpages or GUIs of remote devices to load normally. They either are very slow (like minutes) or load a very basic text GUI which is not correct. This is happening between all my site-to-site connections. I also created an all rule to attempt to narrow down the cause but it does not want to allow it still.

This setup was working previously with UniFi IPsec at both locations. I am slowly trying to switch over to OPNsense.

Any suggestions on a rule to match this traffic?

September 24, 2023, 07:04:49 PM #1 Last Edit: September 25, 2023, 01:18:50 PM by Monviech
Two things come to my mind that you can investigate:
- MTU and MSS issues
https://networkcanuck.com/2013/06/10/troubleshooting-mtu-size-over-ipsec-vpn/
- Asymmetric routing with TCP traffic
https://docs.netgate.com/pfsense/en/latest/troubleshooting/asymmetric-routing.html
Hardware:
DEC740
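
Added example, not part of either post: a calculation of how much ESP tunnel-mode encapsulation adds to a packet, which is why small pings can pass while full-size TCP segments stall, and what MSS value fits inside the tunnel. The 1500-byte WAN MTU, IPv4 outer header, and the cipher suites listed are assumptions; the thread does not state the tunnel's proposals.

```python
# Added example: ESP tunnel-mode overhead and the TCP MSS that fits the tunnel.
# Assumptions (not from the thread): IPv4, 1500-byte WAN MTU, suites below.
from dataclasses import dataclass

@dataclass(frozen=True)
class EspSuite:
    iv_len: int    # per-packet IV carried in front of the ciphertext
    block: int     # alignment of payload + padding + 2-byte trailer
    icv_len: int   # integrity check value (truncated HMAC or AEAD tag)

SUITES = {
    "aes-cbc/hmac-sha1-96":    EspSuite(16, 16, 12),
    "aes-cbc/hmac-sha256-128": EspSuite(16, 16, 16),
    "aes-gcm-16":              EspSuite(8, 4, 16),
}
OUTER_IPV4, NAT_T_UDP = 20, 8   # outer IP header, UDP/4500 encapsulation
ESP_HEADER, ESP_TRAILER = 8, 2  # SPI + sequence; pad length + next header
INNER_IP_TCP = 40               # inner IPv4 + TCP headers, no TCP options

def esp_packet_size(inner_len, suite, nat_t=False):
    """On-the-wire size of an inner IP packet after ESP encapsulation."""
    s = SUITES[suite]
    body = inner_len + ESP_TRAILER
    body += -body % s.block     # pad up to the cipher's alignment
    outer = OUTER_IPV4 + (NAT_T_UDP if nat_t else 0) + ESP_HEADER
    return outer + s.iv_len + body + s.icv_len

def max_inner_packet(wan_mtu, suite, nat_t=False):
    """Largest inner IP packet that encapsulates without exceeding wan_mtu."""
    s = SUITES[suite]
    room = wan_mtu - OUTER_IPV4 - ESP_HEADER - s.iv_len - s.icv_len
    if nat_t:
        room -= NAT_T_UDP
    room -= room % s.block      # round down to the alignment boundary
    return room - ESP_TRAILER

def mss_clamp(wan_mtu, suite, nat_t=False):
    """TCP MSS to set on the tunnel so full segments are never oversized."""
    return max_inner_packet(wan_mtu, suite, nat_t) - INNER_IP_TCP

if __name__ == "__main__":
    for name in SUITES:
        for nat_t in (False, True):
            print(f"{name:26} nat_t={nat_t!s:5} "
                  f"inner<={max_inner_packet(1500, name, nat_t)} "
                  f"mss<={mss_clamp(1500, name, nat_t)}")
    # An 84-byte ping fits easily; a 1500-byte TCP packet does not.
    print(esp_packet_size(84, "aes-cbc/hmac-sha256-128"),
          esp_packet_size(1500, "aes-cbc/hmac-sha256-128"))
```

If the WAN link is PPPoE or otherwise below 1500 bytes, pass that smaller MTU instead; the computed MSS is an upper bound for the tunnel's MSS clamping setting.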