Communications Drop
-
I have set up a VPC at DigitalOcean, and I have set up a droplet in the VPC with pfsense installed. I have set up rules and have an IPSec tunnel set up between my office Cisco ASA5506 and the VPC. When no other device inside the VPC is set up to use the pfsense host as its default gateway, everything is fine. After the ipsec tunnel is up, I can ping the private ip address of the pfsense machine from my computer in my office and can ping my office computer from the diagnostic tools on the pfsense host.
But my issue is whenever I go into one of the other hosts in the VPC and set its default gateway to be the pfsense host, I lose all communications to everything. The ipsec tunnel drops, and the web connection to the public web interface of the pfsense host drops. Nothing.
All I can do is reboot all devices and get back to where I was.
Any suggestions?
Thanks from Confused.
-
After further testing, I found the following:
Even if the ipsec tunnel is not connected, the communications to the entire system will fail when one of the other droplets inside the VPC is set to use the pfsense host as the gateway.
-
When I run netstat on the pfsense machine, it does not look like the local host of 192.168.10.3 is set up to be a gateway.
-
After further testing I have determined that the VPN tunnel did not fail.
I created a new tunnel to a different location.
Connected the ipsec tunnel between the two locations and did a test ping to the pfsense server private ip address (192.168.10.3); it works.
Connected to another host on the VPC network at DO and set its default gateway to 192.168.10.3, and I was able to ping it from the remote host of 192.168.0.2. The constant ping has been running for 2 hours now. But I did determine that when the initial site-to-site tunnel was connected, I lost communications to the public ip address of the pfsense host at DO from my local computer (not part of the current VPN tunnel). And from the local VPN site, I cannot open the private ip address of the pfsense host through the vpn tunnel (https://192.168.10.3). But I can ping the host of 192.168.10.3.
I have a setting wrong someplace. Any suggestions?