Routed s2s question

Started by oliba, January 18, 2021, 07:55:43 AM

Dear opnsense friends,

I set up routed IPsec site-to-site and my IPsec tunnel is up and running. The Site A LAN connects to my core switch and the routing is added OK.
But 10.0.1.0/24 can't connect to 192.168.99.2 (Site B FW). The core switch route (route add 192.168.99.0/24 gw 10.0.9.2) is added. Ping or tracert is denied; with HTTP there is no message in the log at all. How do I set it up to allow 10.0.1.0/24 to reach the Site B LAN?

Site A
wan 1.2.3.4
lan 10.0.9.2/24
Tunnel network 172.18.18.1

Site B
wan 4.3.2.1
lan 192.168.99.2/24
Tunnel network 172.18.18.2

Live log messages:
LAN   Jan 15 11:04:21   10.0.1.23   192.168.99.2   icmp   Default deny rule
LAN   Jan 15 11:04:16   10.0.1.23   192.168.99.2   icmp   Default deny rule

According to your live log messages you need to add a firewall rule on the LAN interface to allow traffic from 10.0.1.0/24 to 192.168.99.0/24.
And on the OPNsense at Site B you need a firewall rule on the IPsec group to allow traffic from 10.0.1.0/24 to 192.168.99.0/24, too.
„The S in IoT stands for Security!" :)
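To make the two-rule answer above concrete, here is an added example of mine (not code from the thread or from OPNsense) that models how the packet is filtered on its way from the core-switch client to the Site B firewall. It assumes what OPNsense does in practice: rules are evaluated on the interface the packet enters (LAN at Site A, the IPsec interface group at Site B), the first matching rule wins, and anything unmatched hits the implicit "Default deny rule". The reply direction is not modelled because it rides the state created by the forward packet. The interface names "LAN" and "IPsec", the `Rule`/`Packet` classes and `rule_from_log` are my own constructions; the two log lines are copied from the post above.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List

Net = ipaddress.IPv4Network
Addr = ipaddress.IPv4Address

DEFAULT_DENY = "block (Default deny rule)"   # implicit last rule on every interface


@dataclass
class Rule:
    interface: str   # ingress interface: rules are evaluated where the packet enters
    action: str      # "pass" or "block"
    src: Net
    dst: Net
    proto: str = "any"


@dataclass
class Packet:
    src: Addr
    dst: Addr
    proto: str


def evaluate(rules: List[Rule], iface: str, pkt: Packet) -> str:
    """First matching rule on the ingress interface wins; no match -> default deny."""
    for r in rules:
        if r.interface != iface:
            continue
        if pkt.src not in r.src or pkt.dst not in r.dst:
            continue
        if r.proto not in ("any", pkt.proto):
            continue
        return r.action
    return DEFAULT_DENY


# Hops the forward packet takes (assumed names): it enters Site A on LAN, is
# routed into the routed-IPsec tunnel, and enters Site B on the IPsec group.
PATH = [("Site A", "LAN"), ("Site B", "IPsec")]


def trace(site_rules: Dict[str, List[Rule]], pkt: Packet) -> List[str]:
    """Walk the packet through each site's ingress interface; stop at the first block."""
    report = []
    for site, iface in PATH:
        verdict = evaluate(site_rules.get(site, []), iface, pkt)
        report.append(f"{site} {iface}: {verdict}")
        if verdict != "pass":
            break
    return report


def rule_from_log(line: str, src_prefix: int = 24, dst_prefix: int = 24) -> Rule:
    """Turn one 'Default deny rule' live-log line into the pass rule that would have
    matched it, widened from the single hosts to the given prefix lengths (any proto,
    because the advice in the thread is to allow traffic between the two /24s)."""
    fields = line.split()
    iface, src, dst = fields[0], fields[4], fields[5]
    return Rule(iface, "pass",
                Net(f"{src}/{src_prefix}", strict=False),
                Net(f"{dst}/{dst_prefix}", strict=False))


# The two live-log lines quoted in the question (copied, not captured here).
LOG_LINES = [
    "LAN      Jan 15 11:04:21   10.0.1.23   192.168.99.2   icmp   Default deny rule",
    "LAN      Jan 15 11:04:16   10.0.1.23   192.168.99.2   icmp   Default deny rule",
]


def scenario(with_site_a: bool, with_site_b: bool) -> List[str]:
    """Re-run the ping from 10.0.1.23 with none, one or both of the recommended rules."""
    pkt = Packet(Addr("10.0.1.23"), Addr("192.168.99.2"), "icmp")
    site_rules: Dict[str, List[Rule]] = {"Site A": [], "Site B": []}
    if with_site_a:
        site_rules["Site A"].append(rule_from_log(LOG_LINES[0]))
    if with_site_b:
        site_rules["Site B"].append(
            Rule("IPsec", "pass", Net("10.0.1.0/24"), Net("192.168.99.0/24")))
    return trace(site_rules, pkt)


if __name__ == "__main__":
    for a, b in ((False, False), (True, False), (True, True)):
        print(f"Site A LAN rule={a}, Site B IPsec rule={b}: {scenario(a, b)}")
```

The middle scenario is the one that bites in practice: once the Site A LAN rule is in place the log at Site A goes quiet, and the block moves to the IPsec group at Site B, where it only shows up if logging is enabled on that default deny. The derived rules are deliberately limited to the two /24s rather than "any", which is the least-privilege shape the answer describes.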

Thank you for your explanation, I set it up successfully.