IPsec (routed) - Firewall / Interface mismatch

Started by proctor, March 11, 2021, 03:19:11 PM

Hello,

I have an IPsec connection with routed ESP; both ends are OPNsense, versions 21.1.2 and 21.1. Ping and ssh work as expected through the tunnel, but http/https do not. Web Proxy isn't in use.

In Firefox's network analyzer I see that some data is received, but no page is shown. Looking at the firewall logs (attached), it seems like an interface mismatch. What I found on that is related to NAT (https://forum.opnsense.org/index.php?topic=13663.msg62940#msg62940), but it doesn't seem to help me.

Because I see this issue in two constellations (the only constellations with OPNsense at both ends here), I suspect a configuration problem but have run out of ideas (after struggling for a couple of days).

Does anyone have an idea what is going wrong? I will share any further information if needed.


Interface Time Source Destination Proto Label
-------------------------------------------------------------------------------------------------------------------------------------------------

HTTP:
-------------------------------------------------------------------------------------------------------------------------------------------------
IPsec Mar 11 12:42:57 10.8.0.4: 10.240.9.14 tcp Default deny rule
IPsec Mar 11 12:42:57 10.8.0.4:80 10.240.9.14:50595 tcp Default deny rule
IPsec Mar 11 12:42:56 10.8.0.4: 10.240.9.14 tcp Default deny rule
IPsec Mar 11 12:42:56 10.8.0.4:80 10.240.9.14:50595 tcp Default deny rule
IPsec Mar 11 12:42:56 10.8.0.4: 10.240.9.14 tcp Default deny rule
IPsec Mar 11 12:42:56 10.8.0.4:80 10.240.9.14:50595 tcp Default deny rule
IPsec_Infra_08 Mar 11 12:42:55 10.240.9.14:50595 10.8.0.4:80 tcp let out anything from firewall host itself
LAN_Admin_Prime Mar 11 12:42:55 10.240.9.14:50595 10.8.0.4:80 tcp Infra Local | Admin Prime - RDSH
-------------------------------------------------------------------------------------------------------------------------------------------------

SSH:
-------------------------------------------------------------------------------------------------------------------------------------------------
IPsec_Infra_08 Mar 11 12:39:01 10.240.9.14 10.8.0.4 icmp let out anything from firewall host itself
LAN_Admin_Prime Mar 11 12:39:01 10.240.9.14 10.8.0.4 icmp Infra Local | Admin Prime - RDSH
-------------------------------------------------------------------------------------------------------------------------------------------------

Ping:
-------------------------------------------------------------------------------------------------------------------------------------------------
IPsec_Infra_08 Mar 11 12:35:54 10.240.9.14:50591 10.8.0.4:22 tcp let out anything from firewall host itself
LAN_Admin_Prime Mar 11 12:35:54 10.240.9.14:50591 10.8.0.4:22 tcp Infra Local | Admin Prime - RDSH


Thanks,
proctor
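One way to check the "interface mismatch" suspicion directly from such a log excerpt, as an added example (not from the poster or the OPNsense project): parse the rows, mirror each denied row's 5-tuple and see whether the matching request was passed on a different interface. The sample rows are re-typed from the post's table (constructed input, not a live log), and the "Default deny" label prefix is assumed to mark the denied rows.

```python
import re

# Sample rows re-typed from the post's log excerpt (constructed input, not a live feed).
SAMPLE_LOG = """\
IPsec Mar 11 12:42:57 10.8.0.4: 10.240.9.14 tcp Default deny rule
IPsec Mar 11 12:42:57 10.8.0.4:80 10.240.9.14:50595 tcp Default deny rule
IPsec_Infra_08 Mar 11 12:42:55 10.240.9.14:50595 10.8.0.4:80 tcp let out anything from firewall host itself
LAN_Admin_Prime Mar 11 12:42:55 10.240.9.14:50595 10.8.0.4:80 tcp Infra Local | Admin Prime - RDSH
IPsec_Infra_08 Mar 11 12:35:54 10.240.9.14:50591 10.8.0.4:22 tcp let out anything from firewall host itself
"""

# Columns as shown in the post: Interface Time Source Destination Proto Label.
# Ports are optional because ICMP rows and the truncated "10.8.0.4:" row carry none.
ROW = re.compile(
    r"^(?P<iface>\S+)\s+\w{3} \d+ [\d:]+\s+"
    r"(?P<src>[\d.]+)(?::(?P<sport>\d*))?\s+(?P<dst>[\d.]+)(?::(?P<dport>\d*))?\s+"
    r"(?P<proto>\w+)\s+(?P<label>.*)$"
)


def parse_row(line):
    """Return a dict for one log row, or None if the line is not a row."""
    m = ROW.match(line.strip())
    if not m:
        return None
    row = m.groupdict()
    row["sport"] = int(row["sport"]) if row["sport"] else None
    row["dport"] = int(row["dport"]) if row["dport"] else None
    return row


def find_interface_mismatches(log_text):
    """Report denied rows whose mirrored 5-tuple was passed, but on other interfaces."""
    passed = {}   # (proto, src, sport, dst, dport) -> set of interfaces that passed it
    denied = []
    for line in log_text.splitlines():
        row = parse_row(line)
        if row is None:
            continue
        key = (row["proto"], row["src"], row["sport"], row["dst"], row["dport"])
        if row["label"].lower().startswith("default deny"):
            denied.append((key, row["iface"]))
        else:
            passed.setdefault(key, set()).add(row["iface"])
    mismatches = []
    for (proto, src, sport, dst, dport), iface in denied:
        request = (proto, dst, dport, src, sport)   # the reply seen from the other side
        if request in passed and iface not in passed[request]:
            mismatches.append({"request": request, "passed_on": sorted(passed[request]),
                               "denied_on": iface})
    return mismatches
```

On the rows above this pairs the denied reply on "IPsec" with the request that was passed on LAN_Admin_Prime and IPsec_Infra_08; the port-less "10.8.0.4:" row has no mirror and is skipped.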