Locally generated traffic not flowing into IPsec site-to-site tunnel
-
Hello,
I have IPsec in tunnel mode connected to GCP. For devices connected behind the pfSense everything is working just fine. But whenever I'm trying to generate traffic on the pfSense itself, expecting it to traverse the IPsec tunnel, nothing works. When doing some routing checks, I see that the traffic originated on the pfSense targeting a private IP range via the IPsec is in reality sent out through the WAN interface (where it's dropped), instead of being routed via the IPsec tunnel. I've found the "https://forum.opnsense.org/index.php?topic=20868.0" thread, but I cannot find the referenced option there.
What am I missing?
Thanks
Vit -
The use case I'm trying to get working here is DHCP relay. I can confirm that the DHCP broadcast is reaching the pfSense, but is forwarded out via the WAN interface. In case I configure the DHCP relay to point to a host on directly connected interfaces, all is working fine. Meaning the DHCP relay is functioning properly.
-
Seems this is a known limitation: https://forum.netgate.com/topic/118063/dhcp-relay-over-ipsec-vpn/16