<![CDATA[Policy based routing not working for ipsec over openvpn]]>Hi Guys,

Needy your help here, I am trying to establish a ipsec tunnel within openvpn but the ipsec response packets do not return from openvpn interface instead it takes the default route defined in pfsense. Below is what I am trying to do.

IPsec clients <–IPsec tunnel till PFsense--> openvpn server <----OpenVPN tunnel---> PFsense (openvpn client + IPsec server)

Here the IPsec clients are not able to establish the connection with PFsense. The request packets to reach to pfsense on openvpn interface but replies take a different path which is through default gateway, hence it never reaches to clients (or openvpn server). I tried applying policy based routing on openvpn interface with rule as source openvpn network, destination any, gateway openvpn gateway but it did not work. However, if I make the openvpn gateway as default gateway in pfsense then everything works fine, though I cannot do this in production.

Please let me know if I am missing something here.

Thank you.

]]>https://forum.netgate.com/topic/115941/policy-based-routing-not-working-for-ipsec-over-openvpnRSS for NodeFri, 12 Jun 2026 14:06:10 GMTSun, 21 May 2017 03:02:30 GMT60<![CDATA[Reply to Policy based routing not working for ipsec over openvpn on Fri, 26 May 2017 20:23:47 GMT]]>Just to be clear, you just want your mobile IPsec clients to be able to communicate with an endpoint device across an OpenVPN tunnel?  Or is there more to it then that?

]]>https://forum.netgate.com/post/702183https://forum.netgate.com/post/702183Fri, 26 May 2017 20:23:47 GMT<![CDATA[Reply to Policy based routing not working for ipsec over openvpn on Thu, 25 May 2017 07:26:57 GMT]]>Are we 3 on the 2.3.4 version?  Coincidence?

]]>https://forum.netgate.com/post/701786https://forum.netgate.com/post/701786Thu, 25 May 2017 07:26:57 GMT<![CDATA[Reply to Policy based routing not working for ipsec over openvpn on Mon, 22 May 2017 10:45:08 GMT]]>@khsonu:

Hi Guys,

Needy your help here, I am trying to establish a ipsec tunnel within openvpn but the ipsec response packets do not return from openvpn interface instead it takes the default route defined in pfsense. Below is what I am trying to do.

IPsec clients <–IPsec tunnel till PFsense--> openvpn server <----OpenVPN tunnel---> PFsense (openvpn client + IPsec server)

Here the IPsec clients are not able to establish the connection with PFsense. The request packets to reach to pfsense on openvpn interface but replies take a different path which is through default gateway, hence it never reaches to clients (or openvpn server). I tried applying policy based routing on openvpn interface with rule as source openvpn network, destination any, gateway openvpn gateway but it did not work. However, if I make the openvpn gateway as default gateway in pfsense then everything works fine, though I cannot do this in production.

Please let me know if I am missing something here.

Thank you.

FYI, I have almost the same problem here: https://forum.pfsense.org/index.php?topic=130658.0

Would really like to find a solution :)

]]>https://forum.netgate.com/post/701026https://forum.netgate.com/post/701026Mon, 22 May 2017 10:45:08 GMT