Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Default address in case if IPSec
« previous
next »
Print
Pages: [
1
]
Author
Topic: Default address in case if IPSec (Read 1368 times)
HappyOpnSense
Newbie
Posts: 11
Karma: 0
Default address in case if IPSec
«
on:
February 24, 2022, 02:37:13 pm »
Hi,
running OPNSense 22.1 on ARM (yes it works) using IPSec to have a secure connection to my central location. Clients behind the OPNSense FW can reach the central location as expected and FW rules work accordingly.
What doesn't work is when the OPNSense FW needs to reach the central location it self, e.g. for pkg updates as I have a local repo at my central location.
What seems to be the issue is the OPNSense uses the WAN interface address as the default (and that one can;t be used as a source address on the VPN link) rather than the LAN interface address as the default. Any suggestion on what needs to be done to have this changed. If I use ping -S <LAN address> <dest> it all works but e.g. pkg update will not use the LAN address as its source.
Logged
OPNSense on Elite Edition Intel N100 - Crucial 16G DDR - Lexar NM620 512GB
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Default address in case if IPSec
«
Reply #1 on:
February 24, 2022, 07:32:19 pm »
A similar thing was discussed here including the magical solution:
https://github.com/opnsense/core/issues/5586
Cheers,
Franco
Logged
HappyOpnSense
Newbie
Posts: 11
Karma: 0
Re: Default address in case if IPSec
«
Reply #2 on:
February 24, 2022, 08:10:18 pm »
Amazing, but it seems to work.
Thnx
Logged
OPNSense on Elite Edition Intel N100 - Crucial 16G DDR - Lexar NM620 512GB
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Default address in case if IPSec
«
Reply #3 on:
February 24, 2022, 08:13:51 pm »
magic indeed
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Default address in case if IPSec