IPsec via IPv6 issue
location 1: 192.168.1.0/24 - pfSense1 on 192.168.1.254 - DHCP for clients .100 to .199
location 2: 192.168.2.0/24 - pfSense2 on 192.168.2.254 - DHCP for clients .100 to .199
Working IPsec IPv4 link between both sites. All devices from location 1 can reach all devices from location 2, and the other way around also.
Now I switched the IPsec phase 1 from IPv4 to IPv6. The phase 2 remains at IPv4 (since I use IKEv2, that is possible).
Result: all devices from location 1 can only reach pfSense2 (not the other devices on site 2), and all devices from location 2 can only reach pfSense1 (not the other devices on site 1).
Anyone else experienced this?
(since I am still using IPv4 inside the tunnel as before, it's not a firewall issue)
EDIT: Update: ping works to all, but no webinterfaces, so must be an MTU issue I guess...
EDIT: Update2: Activating MSS Clamping and lowing the MSS to 1300 bytes fixed the issue! :-)