Exposing ipsec routes



  • Hi,

    I have a functioning IPsec tunnel (router-to-router0, and an OpenVPN setup (for Roadwarriors).

    Thing is, when I go into diagnostic-routes, I see all routes, including OpenVPN routes, but not the IPsec ones.

    While the IPsec tunnel is working fine, it does create some issues with our network monitoring systems.  Is there any way to expose these IPsec routes ?  More specifically, to the SNMP service?


  • Rebel Alliance Developer Netgate

    IPsec does not route. The kernel looks for traffic matching SPD entries and places it into IPsec when a match is found. To view the SPD contents, look at Status > IPsec, SPDs tab.

    If you are trying to get SNMP from the firewall itself over IPsec, you'll have to bind SNMP to the LAN and then have the remote side query the LAN address.



  • IPsec does not route. The kernel looks for traffic matching SPD entries and places it into IPsec when a match is found. To view the SPD contents, look at Status > IPsec, SPDs tab.

    Thank you, that clarifies why it doesn't show up as a route.


Locked