static routes through interface not gateway

Started by dangxian, October 22, 2018, 05:22:32 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 22, 2018, 05:22:32 PM
Hello everybody,

I have a question about static routes

My use case seems to require a route setup through an interface not a gateway.
Currently i had to setup this route using the shell :

route add 169.254.255.253/32 -iface enc0
route add 169.254.255.254/32 -iface enc0

Is there a way to setup this kind of static route using the web interface, it seems that only routes with gateway are possible to define, not routes trhough interface.
If it's not possible, how to define these routes permanently at each reboot and opnsense update and upgrade ?

Regards

OPNsense 18.7.4-amd64
October 23, 2018, 06:10:15 PM #1
Hi dangxian,

enc0 routing is not supported by the kernel due to the trust model of IPsec itself.

There's only room for phase 2 networks (remote) and manual SPD entries (local) that you want to be able to push through.

There's also if_ipsec in FreeBSD since 11.1 that can help with routing in the way you want it, but it still requires proper phase 2 setup and is not yet implemented in OPNsense.


Cheers,
Franco
November 05, 2018, 12:03:29 PM #2
Hi Franco,

thank you for this clear and technical reply.

Regards,

Dangxian
Print
Go Up Pages1
User actions