Localhost unable to ping over multiwan VPN
-
I have a couple of physical interfaces in a routing group; using this group, the firewall can ping external addresses with no issues.
As soon as I add a gateway group with an OpenVPN gateway as priority 1, I lose the ability to ping (Time to live exceeded)/update packages/etc. on the firewall. The same gateway is fine for selective routing from my internal VLAN interfaces.
Do I need to add something in NAT for the firewall to be able to communicate? I am running Hybrid Outbound NAT; otherwise the OpenVPN connections "don't work".
-
@jstride said in Localhost unable to ping over multiwan VPN:
Do I need to add something in NAT for the firewall to be able to communicate?
Yes, you have to add an outbound NAT rule for pfSense (127.0.0.0/8) to that VPN interface.
-
@viragomann adding that for outbound NAT, unfortunately, doesn't fix the problem; I still can't ping/curl from the firewall.
The VPN interfaces don't have any firewall rules (and work from the internal VLAN/interfaces). Is there anything else I need to do?
pftop gives a state of 0:0 for localhost to external IPs and time to live exceeded when using the VPN interface, but I don't even see pftop entries when using the default WAN gateway.