1. Home
  2. pfSense® Software
  3. Routing and Multi WAN
  4. Policy based routing not working for ipsec over openvpn

Policy based routing not working for ipsec over openvpn

  • K

    Hi Guys,

    Needy your help here, I am trying to establish a ipsec tunnel within openvpn but the ipsec response packets do not return from openvpn interface instead it takes the default route defined in pfsense. Below is what I am trying to do.

    IPsec clients <–IPsec tunnel till PFsense--> openvpn server <----OpenVPN tunnel---> PFsense (openvpn client + IPsec server)

    Here the IPsec clients are not able to establish the connection with PFsense. The request packets to reach to pfsense on openvpn interface but replies take a different path which is through default gateway, hence it never reaches to clients (or openvpn server). I tried applying policy based routing on openvpn interface with rule as source openvpn network, destination any, gateway openvpn gateway but it did not work. However, if I make the openvpn gateway as default gateway in pfsense then everything works fine, though I cannot do this in production.

    Please let me know if I am missing something here.

    Thank you.

    0
  • K

    @khsonu:

    Hi Guys,

    Needy your help here, I am trying to establish a ipsec tunnel within openvpn but the ipsec response packets do not return from openvpn interface instead it takes the default route defined in pfsense. Below is what I am trying to do.

    IPsec clients <–IPsec tunnel till PFsense--> openvpn server <----OpenVPN tunnel---> PFsense (openvpn client + IPsec server)

    Here the IPsec clients are not able to establish the connection with PFsense. The request packets to reach to pfsense on openvpn interface but replies take a different path which is through default gateway, hence it never reaches to clients (or openvpn server). I tried applying policy based routing on openvpn interface with rule as source openvpn network, destination any, gateway openvpn gateway but it did not work. However, if I make the openvpn gateway as default gateway in pfsense then everything works fine, though I cannot do this in production.

    Please let me know if I am missing something here.

    Thank you.

    FYI, I have almost the same problem here: https://forum.pfsense.org/index.php?topic=130658.0

    Would really like to find a solution :)

    0
  • C

    Are we 3 on the 2.3.4 version?  Coincidence?

    0
  • M

    Just to be clear, you just want your mobile IPsec clients to be able to communicate with an endpoint device across an OpenVPN tunnel?  Or is there more to it then that?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy