Multiple WAN issue with IPSec VTI + FRR
Posted by shellingfox
I have a pfSense box set up with 1 LAN (172.16.4.0/24) and 2 WANs.
I have used 1 WAN to set up 2 IPsec connections to AWS VPN, configured as VTI. BGP is set up using FRR, and everything is working fine:
And the ping to the AWS IP works from the pfSense box:
It also works from my computer:
The problem only came after I updated the Firewall Rules for LAN from Default to the Multiple WAN Gateway. I can only ping from the pfSense box to AWS; the dynamic routing doesn't apply to the other computers inside the LAN.
How do I get the benefit of VTI and the Multiple WAN Gateway working together? I can set up P2 rules and get it working, but that is hard to maintain, and since I use the VPN from a Transit Gateway, with more and more accounts being added to the TGW it is very hard to keep adding P2 rules.
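A note on what is going on, followed by an added example (not code from the post or from the pfSense/FRR projects). Setting a gateway or gateway group on the LAN pass rule turns it into a policy-routing rule: matching packets are handed straight to that gateway and never consult the kernel routing table, which is where the FRR-learned BGP routes over the VTIs live. Traffic generated on the firewall itself is not subject to LAN rules, which is why pings from the box still work. The usual workaround is a pass rule above the gateway-group rule, with no gateway set, whose destination covers the VPN networks; the maintenance burden the post describes comes from keeping that destination list by hand. The script below keeps it automatically: it reads FRR's `show ip route bgp json` output, keeps the selected routes whose next hop leaves through a VTI, collapses them, and writes a plain prefix list that a pfSense "URL Table (IPs)" alias can fetch. The sample JSON is constructed (prefixes and next hops are invented); the assumptions are that VTI interfaces are named `ipsec*` as pfSense creates them, that the JSON field names match those in the sample, and that the output path `/usr/local/www/vti-prefixes.txt` is where you choose to publish the list.

```python
import ipaddress
import json
import subprocess
from typing import Iterable, List, Set

# Constructed sample of `vtysh -c "show ip route bgp json"`, trimmed to the
# fields used here. Prefixes, next hops and interface names are invented.
SAMPLE_FRR_JSON = """
{
  "10.10.0.0/16": [
    {"prefix": "10.10.0.0/16", "protocol": "bgp", "selected": true,
     "nexthops": [{"ip": "169.254.10.1", "interfaceName": "ipsec1000", "active": true}]}
  ],
  "10.20.0.0/16": [
    {"prefix": "10.20.0.0/16", "protocol": "bgp", "selected": true,
     "nexthops": [{"ip": "169.254.20.1", "interfaceName": "ipsec2000", "active": true}]}
  ],
  "10.20.5.0/24": [
    {"prefix": "10.20.5.0/24", "protocol": "bgp", "selected": true,
     "nexthops": [{"ip": "169.254.20.1", "interfaceName": "ipsec2000", "active": true}]}
  ],
  "192.0.2.0/24": [
    {"prefix": "192.0.2.0/24", "protocol": "bgp", "selected": true,
     "nexthops": [{"ip": "203.0.113.1", "interfaceName": "igb1", "active": true}]}
  ],
  "10.30.0.0/16": [
    {"prefix": "10.30.0.0/16", "protocol": "bgp", "selected": false,
     "nexthops": [{"ip": "169.254.10.1", "interfaceName": "ipsec1000", "active": false}]}
  ]
}
"""

# Hypothetical publish location: pfSense's web root, so a URL Table alias on the
# same box can fetch it over https://<firewall>/vti-prefixes.txt.
OUTPUT_PATH = "/usr/local/www/vti-prefixes.txt"


def vti_prefixes(frr_json: str, vti_name_prefix: str = "ipsec") -> Set[ipaddress._BaseNetwork]:
    """Return BGP prefixes whose selected route exits via a VTI (ipsec*) interface.

    Routes FRR has not selected (e.g. a losing path) are skipped, as are routes
    whose next hop leaves through a plain WAN interface: those must keep being
    policy-routed by the gateway-group rule.
    """
    routes = json.loads(frr_json)
    found: Set[ipaddress._BaseNetwork] = set()
    for prefix, entries in routes.items():
        for entry in entries:
            if entry.get("protocol") != "bgp" or not entry.get("selected"):
                continue
            if any(nh.get("interfaceName", "").startswith(vti_name_prefix)
                   for nh in entry.get("nexthops", [])):
                found.add(ipaddress.ip_network(prefix, strict=False))
    return found


def aggregate(nets: Iterable[ipaddress._BaseNetwork]) -> List[str]:
    """Collapse overlapping prefixes per address family; a more specific route
    learned over the same VTI as its supernet adds nothing to the bypass rule."""
    nets = list(nets)
    out: List[str] = []
    for version in (4, 6):
        same = sorted(n for n in nets if n.version == version)
        out.extend(str(n) for n in ipaddress.collapse_addresses(same))
    return out


def render_alias(frr_json: str) -> str:
    """One prefix per line: the format a pfSense URL Table (IPs) alias consumes."""
    prefixes = aggregate(vti_prefixes(frr_json))
    return "".join(p + "\n" for p in prefixes)


def fetch_frr_routes() -> str:
    """Ask the running FRR for its BGP routes as JSON (requires vtysh on the box)."""
    return subprocess.run(["vtysh", "-c", "show ip route bgp json"],
                          check=True, capture_output=True, text=True).stdout


if __name__ == "__main__":
    # On the firewall, replace SAMPLE_FRR_JSON with fetch_frr_routes().
    text = render_alias(SAMPLE_FRR_JSON)
    with open(OUTPUT_PATH, "w") as fh:
        fh.write(text)
    print(text, end="")
```

Run it from cron (FRR installs `vtysh` with the package) so the file tracks what the Transit Gateway advertises, then create a "URL Table (IPs)" alias pointing at the published file, and add a LAN pass rule above the gateway-group rule with that alias as the destination and the gateway left at default. Only destinations currently reachable over a VTI bypass policy routing; everything else still goes through the gateway group. Set the alias update frequency to match the cron interval, and note that a prefix withdrawn by BGP stops matching the bypass rule only after the next refresh.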