Topic: IPSec tunnel endpoint issues (Read 3727 times)
vince (Newbie, Posts: 31, Karma: 4)
« on: September 25, 2017, 11:43:19 am »
Hi, I'm pretty stuck right now so I hope someone here can help me.
We have a site-to-site VPN with IPSec and I can ping the site B box from the site A box, but not vice-versa. Site B clients can ping the site A box and everything beyond, site A clients can ping anything beyond the site B box and the box itself.
On site A the routes to site B's subnets point to site A LAN and as far as I understand it doesn't even matter which interface I choose since the tunnel will notice the traffic is for it and forward it to the other site. Same setup on the other box as well.
Now on to IPSec, both boxes have one phase-1 connection and a few phase-2 connections (one phase-2 connection per subnet).
We DID have an additional problem that not all of site B's clients could connect to servers on site A but that somehow vanished after removing the PPPoE-endpoint we had to put in front of site B because of the PPPoE crash in earlier 17.7 releases. If someone could shed some light onto why that might have happened I'd be quite happy as well. I know it might just be an educated guess, but it might help me understand IPSec a bit better.
BertM (Jr. Member, Posts: 53, Karma: 12)
Re: IPSec tunnel endpoint issues « Reply #1 on: October 30, 2017, 02:33:00 pm »
Vince,
The only time I ever encountered something like that was when I misconfigured firewall rules for IPsec on one side.
Maybe you also have something wrong with Firewall Rules?
Kind regards,
Bert