[SOLVED] IPSec Road Warrior Connectivity Issues

Started by teb, April 07, 2025, 01:43:01 AM

Hey all,

  I spent the weekend getting my IPSec road warrior up and running successfully.  I was at first running dual stack, and IPv6 wasn't working, but IPv4 was.  It turns out I had the wrong subnet.  Rookie mistake.  Once I got the right subnet up and running though, I didn't have any network connectivity, except ICMP and UDP traffic... or so I thought.  I had the DNS in my IPSec IPv4 pool set to my AdGuard instance hosted on my OPNsense box, so 192.168.1.1.  I could see traffic getting to the DNS server, but for some reason, my end user device was not getting the answers.  I stumbled across this: https://forum.opnsense.org/index.php?topic=30967.0.  That told me I needed to set up a static route for the IPSec subnet so that the DNS servers could figure out where to send the packets.  I realize I could use a public DNS, and it would work, but then I wouldn't get any of my AdGuard features, which is part of the reason I wanted to do this in the first place.

  I was also hoping that the documentation could get updated, since it has the user configure the DNS to the router, so the guide won't work as is.
 
  I hope someone finds this useful.

Thanks!