Gateway not working anymore in routed IPsec (Azure)

Started by alh, April 30, 2021, 07:08:26 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
April 30, 2021, 07:08:26 PM
After upgrading to 21.5 the gateway setup on the IPsec interface as described in this manual

https://docs.opnsense.org/manual/how-tos/ipsec-s2s-route-azure.html

does not work anymore. The error message is:

Code Select
Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface.

However, I have access to the remote network and all but I do need the gateway for the static route no?

April 30, 2021, 07:54:00 PM #1
Screenshots of P1 and P2 please
April 30, 2021, 10:38:55 PM #2
Here you go, if I understood correctly Phase 1
April 30, 2021, 10:39:17 PM #3
Phase 2
April 30, 2021, 10:40:45 PM #4
And the error message.
May 01, 2021, 06:46:00 AM #5
P1 use start immediate and check if the Tunnel comes up in general
May 01, 2021, 11:12:38 AM #6
The tunnel comes up fine and I can ping the virtual machines on Azure. In the route I find the linked gateway and the gateway itself a bit strange...
May 01, 2021, 12:42:04 PM #7
So does it Work or not? Confused  :o
May 01, 2021, 01:10:55 PM #8
It does somehow work (did not dare to reboot) but why is my gateway "defunct" and why can I not add an IP address to it anymore?
May 06, 2021, 08:42:11 PM #9
I have the same issue with routed ipsec between two OPNSense Firewalls:

If I want add a IP to the Gateway for the Ipsec Interface I get only:

The following input errors were detected:

    Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface.

If I leave the IP empty the Gateway is defunct.

How can I add a Gateway for routed ipsec?



May 06, 2021, 09:43:11 PM #10
Screenshots please.
May 07, 2021, 12:36:45 AM #11 Last Edit: May 07, 2021, 01:41:21 PM by fog
I can not add the Gateway.

See step 5 from https://docs.opnsense.org/manual/how-tos/ipsec-s2s-route.html#step-5-define-gateways

Possible it is only a problem in the GUI? Can I add a Gateway in the shell with a command?
May 07, 2021, 04:27:51 PM #12
Sceenshot of P1 and P2 please
May 07, 2021, 04:35:43 PM #13
solved by:
opnsense-revert -r 21.1 strongswan
opnsense-revert -r 21.1 opnsense   :(

Now I can add the gateway with ip again.  :)
May 07, 2021, 05:07:08 PM #14
It would more help to test reverting only opnsense and not strongswan and then go back version to version to see which one is affecting. Then the devs can find the commit and fix the error
Print
Go Up Pages1 2
User actions