Netgate Discussion Forum
    Locally generated traffic not flowing into IPsec site-to-site tunnel

    IPsec
    • maestrx

      Hello,

      I have IPsec in tunnel mode connected to GCP. For devices connected behind the pfSense everything is working just fine. But whenever I'm trying to generate traffic on the pfSense itself, expecting it to traverse through the IPsec, nothing works. When doing some routing checks, I see that the traffic originated on the pfSense targeting a private IP range via the IPsec is in reality sent out through the WAN interface (where it's dropped), instead of being routed via the IPsec tunnel. I've found the "https://forum.opnsense.org/index.php?topic=20868.0" thread, but I cannot find the referenced option there.

      What am I missing?

      Thanks
      Vit

      • maestrx

        The use case I'm trying to get working here is DHCP relay. I can confirm that the DHCP broadcast is reaching the pfSense, but it is forwarded out via the WAN interface. In case I configure the DHCP relay to point to a host on directly connected interfaces, all is working fine. Meaning the DHCP relay is functioning properly.

        • maestrx

          Seems this is a known limitation: https://forum.netgate.com/topic/118063/dhcp-relay-over-ipsec-vpn/16
