[SOLVED] IPsec Stealing Traffic.

Started by opnsense@dkeith.com, June 23, 2021, 11:09:15 PM

June 23, 2021, 11:09:15 PM Last Edit: June 24, 2021, 09:12:04 AM by opnsense@dkeith.com
version 21.1.7

Lan: lots of connections to networks, all behind 10.0.0.0/8
Head office (Draytek 2962)
Wan
Internet
|
IPSEC vpn Lan to Lan 10.0.0.0/8 - 10.14.182.0/24
|
Internet
WAN
opnsense (21.1.7 in the cloud on esxi)
Lan1 10.14.182.1/28 (Firewall ipv4 any to any)
Lan2 10.14.182.128/28 (Firewall ipv4 any to any)
Lan3 10.14.182.144/28 (Firewall ipv4 any to any)
IPSEC (Firewall ipv4 any to any)

As soon as the vpn comes up I lose connectivity between the lan interfaces on the opnsense
(Testing from a pc on lan 1, lose ping to lan 2 and lan 3 interfaces)

My expectation is that the routing table takes priority, routing out local interfaces first before sending out the wan, where it is vpned back to head office.
10.0.0.0/8 should be lower priority than a local 10.14.182.1/28 interface.

Is the vpn capturing the traffic before it hits the routing table ?
I have tried with individual phase 2 for each Lan interface which did not help.

Have I done something incorrect.
Hopefully I don't need to create individual phase 2 entries for all the networks hiding behind the head office 10.0.0.0/8.

Any guidance welcomed.

Thanks

I think entering 10.14.182.0/24 under VPN -> IPSEC -> Advanced Settings -> Passthrough networks should do the trick :)
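Why the passthrough entry is needed, as an added illustration that is not part of the thread: IPsec policies live in the kernel's security policy database (SPD), which is consulted before the routing table for outbound packets and independently of it for inbound ones. A phase 2 of 10.14.182.0/24 <-> 10.0.0.0/8 therefore claims every packet between the three local /28s (they are inside both selectors), so a clear-text ping from a PC on LAN1 to the LAN2 interface is dropped inbound, and any reply would be tunnelled to head office. A passthrough network installs bypass ("none") policies for 10.14.182.0/24 <-> 10.14.182.0/24, which are more specific and win. The script below models that with the selectors from the original post; the policy records are constructed to mirror the fields printed by `setkey -DP`, and the tie-break rule (most specific selector pair wins, bypass beats ipsec on a tie) is a simplified stand-in for the kernel's lookup, not its exact algorithm.

```python
"""Model of an IPsec SPD capturing inter-LAN traffic (added example, not from the thread)."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network


@dataclass(frozen=True)
class Policy:
    """One SPD entry, modelled on the fields shown by `setkey -DP`."""
    src: IPv4Network
    dst: IPv4Network
    direction: str  # "in" or "out"
    action: str     # "ipsec" = must use the SA, "none" = bypass (clear text)


def policy(src: str, dst: str, direction: str, action: str) -> Policy:
    return Policy(ip_network(src), ip_network(dst), direction, action)


def lookup(spd, src_ip: str, dst_ip: str, direction: str) -> str:
    """Action the SPD applies to a packet, or "route" when no policy matches.

    The SPD is checked before the routing table, so a matching policy is not
    overridden by a connected route. Simplified tie-break (assumption): the
    most specific selector pair wins; a bypass beats an ipsec policy on a tie.
    """
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    matches = [p for p in spd
               if p.direction == direction and src in p.src and dst in p.dst]
    if not matches:
        return "route"
    best = max(matches, key=lambda p: (p.src.prefixlen + p.dst.prefixlen,
                                       p.action == "none"))
    return best.action


def captured_directions(spd, src_ip: str, dst_ip: str) -> list:
    """Directions in which a clear-text packet src->dst is claimed by an ipsec policy."""
    return [d for d in ("in", "out") if lookup(spd, src_ip, dst_ip, d) == "ipsec"]


def affected_lan_pairs(spd, lans) -> list:
    """Pairs of local networks whose mutual traffic the SPD would capture.

    Probes from the second usable address of one LAN (a PC) to the first
    usable address of another (assumed to be the OPNsense interface, as in
    the post's addressing).
    """
    bad = []
    for a in lans:
        for b in lans:
            if a == b:
                continue
            pc = str(list(a.hosts())[1])
            fw_if = str(list(b.hosts())[0])
            if captured_directions(spd, pc, fw_if):
                bad.append((str(a), str(b)))
    return bad


# Selectors from the original post (constructed policy set).
LANS = [ip_network(n) for n in ("10.14.182.0/28", "10.14.182.128/28", "10.14.182.144/28")]

# Before: only the lan-to-lan phase 2 is installed.
SPD_BEFORE = [
    policy("10.14.182.0/24", "10.0.0.0/8", "out", "ipsec"),
    policy("10.0.0.0/8", "10.14.182.0/24", "in", "ipsec"),
]

# After: passthrough network 10.14.182.0/24 adds bypass policies for local traffic.
SPD_AFTER = SPD_BEFORE + [
    policy("10.14.182.0/24", "10.14.182.0/24", "out", "none"),
    policy("10.14.182.0/24", "10.14.182.0/24", "in", "none"),
]


if __name__ == "__main__":
    print("captured before:", affected_lan_pairs(SPD_BEFORE, LANS))
    print("captured after: ", affected_lan_pairs(SPD_AFTER, LANS))
    # The tunnel still carries real head-office traffic after the bypass is added.
    print("to head office: ", lookup(SPD_AFTER, "10.14.182.2", "10.1.2.3", "out"))
```

On the firewall itself the real policies can be inspected with `setkey -DP` (FreeBSD) or `swanctl --list-pols`; after the passthrough entry is applied, the 10.14.182.0/24 <-> 10.14.182.0/24 bypass policies should appear alongside the 10.0.0.0/8 ones, and inter-LAN pings should work without any extra phase 2 entries.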

Well that was easy when you know how  :)

Spent about a week looking at this and wondering why I could not ping the firewall lan interfaces, then yesterday found out it was the ipsec vpn.

now it is all working as required.

Thank you for the pointer.