Create new site to site IPsec tunnel fails until you reload fw rules

Started by nzkiwi68, June 28, 2022, 01:07:33 AM

I have noticed that when you create a new site to site IPsec VPN tunnel, it simply will not become active.

I have done a reasonable amount of diagnostics and my finding is this:
If you create or modify a firewall rule or alias and save, thereby reloading the firewall rules, the site to site VPN tunnel will then come up.

What's going on?
I think when you press save on the new IPsec tunnel, OPNsense is not immediately updating the hidden IPsec allow rules on the WAN interface and/or not reloading the firewall rules, and therefore IPsec traffic is blocked until a firewall rules reload is manually done.




The way to address the developers with a way higher probability of receiving an answer is to open an issue on GitHub. This is the community forum where users try to help each other out. Yes, Franco is joining in occasionally, but with such a precise diagnosis for a possible bug already, please create an issue.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)