Netgate Discussion Forum

    IPSec & Openvpn client conflict

    • DonKjeldsen

      Hi

      I have an issue I am hoping someone would have good input for.

      I have the following setup with two internal VLANs, two ISP connections, and an OpenVPN connection which routes one VLAN to a distant provider.

      I am having problems with setting up a site-to-site IPsec connection.

      My issue is that when I stop my OpenVPN client connection, the site-to-site IPsec connection works. However, if the OpenVPN client is running, the IPsec connection gets a timeout in phase 2 and won't establish.

      2021-04-11 12_05_57-Tegning1.vsdx - Visio Professional.png

      • bingo600 @DonKjeldsen

        @donkjeldsen

        Just a hunch ...

        Do you have "default gateway" out of the OpenVPN gateway?
        That would probably route your packets towards the IPsec destination out via the OpenVPN, and stop when the OpenVPN is not active.

        /Bingo

        If you find my answer useful - Please give the post a 👍 - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPU : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LAN : 4 x Intel 211, Disk : 240G SAMSUNG MZ7L3240HCHQ SSD

        • DonKjeldsen @bingo600

          @bingo600

          A good hunch, but unfortunately no.

          The default route is the primary ISP directly.

          I have a gateway group where the primary ISP is Tier 1 and the secondary Tier 2, which is used for one of the VLANs.

          The sec VLAN uses the OpenVPN connection as its connection.

          The IPsec and OpenVPN are set to use the primary ISP interface directly.

          • DonKjeldsen @bingo600

            @bingo600
            Your thought about gateway prompted me to look over the config and compare with input from my ISP.

            My primary IPv4 Upstream gateway was empty. I am not sure why it only worked temporarily when I closed the OpenVPN connection; it might be a route going wrong, like with a missing default gateway.

            right now it looks stable :)

            Thanks for the input

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.