Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
OPNsense not forwarding traffic to policy based VPN
« previous
next »
Print
Pages: [
1
]
Author
Topic: OPNsense not forwarding traffic to policy based VPN (Read 575 times)
zemanek
Newbie
Posts: 18
Karma: 0
OPNsense not forwarding traffic to policy based VPN
«
on:
October 27, 2023, 04:46:22 pm »
Hello,
I have OPNsense instance residing in 10.111.128.128/28 which is the local encryption domain for policy based IPsec VPN, the other IPsec VPN end has 10.240.0.0/12 encryption domain.
Now, from within the OPNsense instance, I can PING a host in the 10.240.0.0/12.
When trying to PING the same host in 10.240.0.0/12 from my other local network (10.240.0.0/12 being routed to the OPNsense instance), I can see in packet capture (both enc0 and xn0 interface) on OPNsense, that the ICMP packet arrived to OPNsense, but is not forwarded to IPsec VPN.
Any idea what could be the culprit?
OPNsense 23.7.5-amd64
FreeBSD 13.2-RELEASE-p3
OpenSSL 1.1.1w 11 Sep 2023
Logged
zemanek
Newbie
Posts: 18
Karma: 0
Re: OPNsense not forwarding traffic to policy based VPN
«
Reply #1 on:
October 29, 2023, 11:52:54 pm »
By comparing the configuration with another OPNsense instance with similar configuration it turned out that OPNsense
does not correctly clean up/revert its changes to configuration
when I was switching VPN from policy based to route based and back several times.
So in the end I reset OPNsense to factory defaults and configured
THE SAME
from scratch and now it works.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
OPNsense not forwarding traffic to policy based VPN