Enable bypass for LAN interface IP has no effect when supernetting in IPsec P2
-
Hello everyone :)
I have been looking into pfSense for quite a while now, but I only just stumbled upon the option Auto-exclude LAN address: Enable bypass for LAN interface IP and found that it has no effect and does not deliver as promised. Hence, I wonder whether I am far off the track?
The issue is: My current setup allows access to my LAN Interface IP (pfSense WebUI) through the IPsec tunnel no matter how the above option is set.
I have one IPsec connection only and it is set to use supernetting in IPsec Phase 2 (192.168.0.0/23, locally). My only LAN Interface IP address is 192.168.1.1/24. I have a static route set in pfSense to some other gateway to the other local network (192.168.0.0/24). VPN works like a charm; both local networks can be reached through the tunnel.
My assumption is that this has to do with supernetting in IPsec P2.
-
Close to the same thing as this:
https://redmine.pfsense.org/issues/5826
-
Thx - I just registered with redmine and posted a new bug report ticket:
https://redmine.pfsense.org/issues/8549