Multiple WAN issue with IPSec VTI + FRR

  • Hi,

    I have a pfSense box set up with 1 LAN and 2 WAN.

    I have used 1 WAN to set up 2 IPSec connections to the AWS VPN, configured as VTI. BGP is set up using FRR, and it is all working fine:



    And the ping to the AWS IP is working from the pfSense box:

    It is also working from my computer:

    The problem only appeared after I updated the Firewall Rules for LAN from the Default gateway to the MultipleWAN gateway group. I can still ping from the pfSense box to AWS, but the dynamic routing no longer applies to the other computers inside the LAN.

    How can I get the benefit of VTI and the MultipleWAN gateway group working together? I can set up P2 rules and get it working, but that is hard to maintain, and since I use the VPN through a Transit Gateway, with more and more accounts being added to the TGW, it is very hard to keep adding P2 rules.


