Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Routed IPsec: No IPsec Interface by Gateway settings
« previous
next »
Print
Pages: [
1
]
2
Author
Topic: Routed IPsec: No IPsec Interface by Gateway settings (Read 10587 times)
jonsch
Newbie
Posts: 20
Karma: 0
Routed IPsec: No IPsec Interface by Gateway settings
«
on:
October 12, 2020, 04:01:23 pm »
Cheers,
I've two OPNsense firewalls in two different locations, both of them have a public IP and two different LAN subnets.
The routed IPsec is build up like the documentation told me:
https://docs.opnsense.org/manual/how-tos/ipsec-s2s-route.html
The IPsec tunnel is up and running, but I can't set the static routes on both firewalls, because there is no option to create a gateway with the IPsec interface? So how should I route the traffic through the tunnel?
Regards,
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #1 on:
October 12, 2020, 04:33:34 pm »
Do you see the new firewall rules tab? IPsec in general is enabled?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #2 on:
October 12, 2020, 04:46:31 pm »
Yes, the IPsec connection is up and running.
The firewall rule table is also been active with an any any route for testing at the moment.
Logged
Gauss23
Hero Member
Posts: 766
Karma: 39
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #3 on:
October 12, 2020, 06:24:31 pm »
There is no interface for IPsec connections. They don´t provide an interface.
Usually you create as much Phase2 entries as needed to route all the networks you want to route between these sites.
Logged
„The S in IoT stands for Security!“
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #4 on:
October 12, 2020, 06:42:17 pm »
Are you sure? Take a look to the official documentation by step 5 they add an single gateway with an IPsec interface?
I just bind the subnets by phase 2 to the IPsec tunnel but thats all. The routing part has to be created seperate, right? How else should the firewall route the traffic to the IPsec tunnel and not to the default route.
Logged
Gauss23
Hero Member
Posts: 766
Karma: 39
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #5 on:
October 12, 2020, 06:49:07 pm »
Sorry, misunderstood your question.
You need to have "install policy" in Phase1 disabled to be able to use the connection for Gateway creation.
Logged
„The S in IoT stands for Security!“
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #6 on:
October 12, 2020, 06:54:42 pm »
No problem.
It is still disabled, thats the strange thing.
Any other ideas?
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #7 on:
October 12, 2020, 07:01:29 pm »
Screenshots please, P1, P2, Firewall, Interface
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #8 on:
October 12, 2020, 09:32:19 pm »
Other site is configured the same way.
Attached you will find the screenshots.
Logged
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #9 on:
October 12, 2020, 09:32:37 pm »
and the last one...
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #10 on:
October 13, 2020, 07:16:21 am »
This is a policy based IPsec, you didnt follow the Guide.
Also dont use special chars in description as this will be the name of interface
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #11 on:
October 14, 2020, 09:10:08 am »
You are right, I have made the phase 2 on a false way.
I have now removed the subnets and add the tunnel source and destination IP.
But there is still now IPsec interface to choose?
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #12 on:
October 14, 2020, 09:13:33 am »
Quote from: mimugmail on October 13, 2020, 07:16:21 am
Also dont use special chars in description as this will be the name of interface
New screenshots please ...
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
jonsch
Newbie
Posts: 20
Karma: 0
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #13 on:
October 14, 2020, 09:25:24 am »
I have removed also any special characters and white spaces...
The configuration is the same but addresses instead of subnets...
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Routed IPsec: No IPsec Interface by Gateway settings
«
Reply #14 on:
October 14, 2020, 10:43:36 am »
You still didn't follow the docs exactly .. it routed and not tunnel ..
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages: [
1
]
2
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Routed IPsec: No IPsec Interface by Gateway settings