Trying to route traffic for one device to other site

Started by Eduardox, January 10, 2025, 09:42:12 PM

January 10, 2025, 09:42:12 PM Last Edit: January 10, 2025, 09:56:48 PM by Eduardox
Site A: 10.10.0.0/16, gateway=10.10.0.254
Site B: 10.20.0.0/16, gateway=10.20.0.254

I have an IPsec tunnel setup between two sites that is working well.  Both sites can go online via their own Internet connection, and I can reach all devices from both sites.

Now for one device (10.10.0.100) on site A I would like to route the traffic over the IPsec tunnel and go to the Internet via site B.

I added these lines:

Site A: System/Gateways/Configuration: name=OPNsenseB, int=WAN,gateway=10.20.0.254
Site A: Firewall/rules/LAN: source=10.10.0.100, prt+dest+dest port=*, gateway=10.20.0.254 (as the first line)
Site B: Firewall/NAT/Outbound: interface=WAN, source=10.10.0.100/32, source+dest+dest port=*

However, this does not work.  Traffic from 10.10.0.100 still goes outside via site A's WAN (!)  If I change the firewall rule for 10.10.0.100 to block instead of pass then 10.10.0.100 has no connectivity anymore - so that line is really used.

What am I doing wrong?  Thanks!
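A quick way to confirm which site's WAN the host's traffic is really leaving through is to run `traceroute -n` from 10.10.0.100 and look at hop 2, not hop 1: hop 1 is always 10.10.0.254 (the host's default gateway), whether or not the policy route is honoured, whereas hop 2 is site B's LAN gateway 10.20.0.254 only when the packets crossed the tunnel. The script below is an added example, not part of the original post or of OPNsense; the two traceroute outputs are constructed samples, and the public hop addresses 203.0.113.1 and 198.51.100.1 are documentation placeholders standing in for the ISP next hops at site A and site B.

```shell
#!/bin/sh
# Constructed sample of `traceroute -n 1.1.1.1` run on 10.10.0.100 while the
# symptom in the post is present: hop 2 is already a public address, so the
# packets left through site A's WAN. 203.0.113.1 is a placeholder ISP hop.
TRACE_SITE_A='traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  10.10.0.254  0.412 ms  0.390 ms  0.371 ms
 2  203.0.113.1  8.102 ms  8.090 ms  8.071 ms
 3  1.1.1.1  9.211 ms  9.190 ms  9.170 ms'

# Constructed sample of the intended path: hop 2 is site B's LAN gateway,
# reached across the IPsec tunnel, followed by site B's (placeholder) ISP hop.
TRACE_SITE_B='traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  10.10.0.254  0.412 ms  0.390 ms  0.371 ms
 2  10.20.0.254  21.512 ms  21.480 ms  21.455 ms
 3  198.51.100.1  29.031 ms  28.990 ms  28.962 ms
 4  1.1.1.1  31.204 ms  31.180 ms  31.151 ms'

# Print the address recorded for hop number $1 from traceroute output on stdin.
# The "traceroute to ..." header never matches because its first field is text.
hop_addr() {
    awk -v n="$1" '$1 == n { print $2; exit }'
}

# Classify the egress site from a traceroute transcript passed as $1.
# Hop 1 is the host's default gateway (10.10.0.254) in both cases, so it
# carries no information; hop 2 does:
#   - an address in 10.20.0.0/16 means the packet crossed the tunnel to site B
#   - a public address means site A's WAN handed it straight to the ISP
#   - "*" (no reply) or a 10.10.x address means the trace did not settle it
egress_site() {
    h2=$(printf '%s\n' "$1" | hop_addr 2)
    case "$h2" in
        10.20.*)        echo "site B" ;;
        10.10.*|\*|"")  echo "unknown" ;;
        *)              echo "site A" ;;
    esac
}

echo "symptom trace leaves via:  $(egress_site "$TRACE_SITE_A")"
echo "intended trace leaves via: $(egress_site "$TRACE_SITE_B")"
```

On the real host, replace the constructed transcripts with `traceroute -n 1.1.1.1` output (or `tracert -d` on Windows) and read hop 2 the same way; if hop 2 is 10.20.0.254 but a public-IP check still shows site A's address, the path is right and the remaining problem is on the site B outbound NAT side rather than the site A policy rule.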