pfSense/ESXi route all VM via GRE TUNNEL
-
Yes, you need to policy route that specific VM by using a firewall rule with just that VM IP as the source. Then set the gateway there.
Yes, GRE is not encrypted so anything in the route could see the traffic. That often wouldn't matter, for example if it's HTTPS traffic, which is encrypted anyway.
-
I did it already and it doesn't change the VM IP.
But when I set the GRE tunnel as default gateway it changes all VMs' IPs.
-
Then the rule is not catching the traffic. It has to be in the LAN side ruleset before any other pass rules you might have there.
-
Yeah, it's on the LAN side and on top. First rule. Still doesn't change the VM IP.
-
-
That should certainly do it. You can see the rule has states and bytes on it.
How are you testing?
-
Yeah, that's what I was wondering, but my Windows VM still shows the default gateway IP, not the GRE tunnel IP.
Even restarted my VM.
-
Where does it show it? How are you testing?
You may need to clear any existing states. Traffic that was already passing would not be cleared.
-
Speedtest.net
whatismyip.com
whatismyipaddress.com
dnsleaktest.com
All show the default gateway IP.
All the rules are cleared except the RDP one.
-
Cleared all the existing states as well.
Is that a firewall bug? Using version:
2.7.2-RELEASE (amd64)
Please let me know.
-
Do you have any floating rules?
Is the OPT1_TUNNEL gateway up?
Try checking Diag > States for states from 192.168.1.11.
-
Oh my man, these silly mistakes are wasting my time.
The gateway was being considered offline, so I had to disable gateway monitoring, and it solved the problem. Thank you so much.