IPSEC interface cannot see LAN interface

  • I have seen this question asked quite a few times but have never seen an answer, and now I have the same issue.

    I have a LAN interface ( which uses my WAN for internet, plus another interface ( which accesses the internet through an IPSEC VPN.  Internet access works fine, but I cannot access the LAN network from the IPSEC network.  The phase 2 tunnel for this goes from to

    I can ping from the VPN network but cannot ping any other computers on the network.

    I tried adding as a gateway, and added a firewall rule on the interface to pass any traffic with destination of LAN through this gateway.  When I ping I do see a state created on that firewall line but the status is 0:0 as seen below.

    OVPN icmp -> 0:0 120 / 0 7 KiB / 0 B

    I am just not sure where or how in the routing that things are passed to the IPSEC tunnel.

    I have also tried an OpenVPN tunnel instead.  The routing is easier here and I can access all of the other networks but OpenVPN is much slower for some reason (5 mbps compared to 30 mbps).

    I also experimented with doing a GRE tunnel over IPSEC, as I thought the routing would be more flexible.  I got it connected but I could never get traffic to pass through it.

    If I can get the internal interfaces talking to each other I think IPSEC will be the best solution.  Any ideas?

Log in to reply