Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
IPsec is going crasy
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPsec is going crasy (Read 745 times)
sainar
Newbie
Posts: 8
Karma: 0
IPsec is going crasy
«
on:
March 19, 2024, 04:55:00 pm »
Colleagues, please help i cannot understand the situation.
I have configured an IPv4 tunnel from Host A to host B
all configs on both sides are identical.
So, what happen exactly Ipsec is connected and all working fine accept that it`s working one way only,
like from side A to B all good (all services are working) from side B (Nothing work) no ping no RDP!
and the most interesting thing it goes down but on IPsec=>Status overview all good
what can it be?
Logged
Patrick M. Hausen
Hero Member
Posts: 6820
Karma: 572
Re: IPsec is going crasy
«
Reply #1 on:
March 19, 2024, 05:31:01 pm »
Firewall rules on the LAN interfaces of both locations, please.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
ianch
Newbie
Posts: 3
Karma: 0
Re: IPsec is going crasy
«
Reply #2 on:
March 19, 2024, 05:53:44 pm »
Hi
if the IPsec tunnel is up and connected this sounds more like a routing issue.
I am assuming side A is a completely different subnet to side B?
On both sides have you checked the routing table such that the device on side B has a route to the subnet on side A, and visa versa the device on side A has a route to the subnet on side B?
Logged
sainar
Newbie
Posts: 8
Karma: 0
Re: IPsec is going crasy
«
Reply #3 on:
March 19, 2024, 06:02:50 pm »
IPsec rules
Protocol Source Port Destination Port Gateway
IPv4 ICMP * * * wan_gateway
IPv4 TCP/UDP * * * wan_gateway
IPv4 * IPsec net * * * wan_gateway
LAN rules
Default
WAN
Protocol Source Port Destination Port
IPv4 ESP IPsec net * WAN address *
IPv4 TCP/UDP IPsec net * WAN address 500 (ISAKMP)
IPv4 TCP/UDP IPsec net * WAN address 4500 (IPsec NAT-T)
Logged
schnipp
Sr. Member
Posts: 371
Karma: 19
Re: IPsec is going crasy
«
Reply #4 on:
March 22, 2024, 09:33:50 pm »
Maybe its a similar issue like I had in the past.
https://forum.opnsense.org/index.php?topic=32997.0
Are the communication endpoints on dedicated clients or on the VPN endpoints (opnsense) itself?
Logged
OPNsense 24.7.1-amd64
sainar
Newbie
Posts: 8
Karma: 0
Re: IPsec is going crasy
«
Reply #5 on:
March 27, 2024, 08:23:58 am »
Thanks for answer yeah maybe you are right.
but i manage to make it work and when i changed the server hardware the appeared once more.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
IPsec is going crasy