Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
[IPSec routing-problem] Routes will not come active again after WAN was down
« previous
next »
Print
Pages: [
1
]
Author
Topic: [IPSec routing-problem] Routes will not come active again after WAN was down (Read 791 times)
netcreator
Newbie
Posts: 11
Karma: 1
IPee
[IPSec routing-problem] Routes will not come active again after WAN was down
«
on:
March 09, 2023, 11:04:03 am »
Hey to all!
Yesterday I created an Topic about unresponsive VTI-interfaces after the WAN-link of the OPNSense was down.
Topic: "[UPDATE] IPSec VTI-interface not responding any longer after WAN-IP changed"
I had a bit of progress while i was troubleshooting and figured out the following:
The IPSec VTI-interface is responding but only out of the same network where its placed. So assumed that I have to search for routing-problems on the OPNSense. And yes... there are routing-problems. When the WAN-interface goes down (and also the tunnels) the OPNSense is removing all active routes which are used together with the IPSec-VPN. After the tunnels have gone up again the routes will not be applied again. Some options/configurations like "Allow defaulf gateway switching", "gateway-monitoring" or "upstream gateway" do not have an effect on that. No matter what I do or configure... The routes used for the IPSec-tunnels will not come back as long as I have not restarted the "routing"-Service.
The Routes are still shown under "System-->Routes-->Configuration" because I created them but they will not come active again in the "System-->Routes-->Status". This happens every time a have an DSL-resync and the WAN PPPoE-Interface gets a new ip-address.
Does somebody know about these issue and hopefully have a solution for that?
Thanks in advance!
Logged
franco
Administrator
Hero Member
Posts: 17570
Karma: 1596
Re: [IPSec routing-problem] Routes will not come active again after WAN was down
«
Reply #1 on:
March 09, 2023, 11:23:17 am »
I would appreciate a single topic approach.
Thanks,
Franco
Logged
netcreator
Newbie
Posts: 11
Karma: 1
IPee
Re: [IPSec routing-problem] Routes will not come active again after WAN was down
«
Reply #2 on:
March 12, 2023, 07:57:59 pm »
Problem has been solved in this thread:
"
[FIXED] IPSec VTI-interface not responding any longer after WAN-IP changed
"
https://forum.opnsense.org/index.php?topic=32895.0
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
[IPSec routing-problem] Routes will not come active again after WAN was down