Interesting traffic is not encapsulated



  • 1.2.3-RC1
    LAN=10.29.1.19/24
    WAN=x.x.x.106

    remote LAN=10.29.11.1/24
    remote WAN=x.x.x.225
    Tunnel is up.

    When I run ping -S 10.29.1.19 10.29.11.1 from pfSense itself, everything goes well: ESP packets and ping reply.
    When I ping 10.29.11.1 from 10.29.1.34, connected to LAN, traffic goes NATed out of WAN:
    18:51:33.862273 IP x.x.x.106 > 10.29.11.1: ICMP echo request, id 22499, seq 57389, length 40

    10.29.1.0/24[any] 10.29.1.19[any] any
            in none
            spid=45 seq=3 pid=4536
            refcnt=1
    10.29.11.0/24[any] 10.29.1.0/24[any] any
            in ipsec
            esp/tunnel/x.x.x.225-x.x.x.106/unique#16418
            spid=48 seq=2 pid=4536
            refcnt=1
    10.29.1.19[any] 10.29.1.0/24[any] any
            out none
            spid=46 seq=1 pid=4536
            refcnt=1
    10.29.1.0/24[any] 10.29.11.0/24[any] any
            out ipsec
            esp/tunnel/x.x.x.106-x.x.x.225/unique#16417
            spid=47 seq=0 pid=4536
            refcnt=1

    Please, any hint? :-(



  • Does your firewall allow rule on the LAN interface use the default routing table?



  • @blak111:

    Does your firewall allow rule on the LAN interface use the default routing table?

    Firewall rule - "from any to any" for all interfaces ….
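The two observations in the first post can be checked against its own policy dump. The following is an added example, not part of any post in the thread: it parses a dump in the format shown and reports which outbound policy covers a given packet. The names `parse_spd` and `outbound_action` are hypothetical, the masked peers are replaced by documentation addresses, and first match in dump order is a simplification assumed here.

```python
import ipaddress
import re

# Constructed sample: the policy dump from the post, with the masked
# x.x.x.106 / x.x.x.225 peers replaced by documentation addresses.
SPD_DUMP = """\
10.29.1.0/24[any] 10.29.1.19[any] any
        in none
        spid=45 seq=3 pid=4536
        refcnt=1
10.29.11.0/24[any] 10.29.1.0/24[any] any
        in ipsec
        esp/tunnel/198.51.100.225-203.0.113.106/unique#16418
        spid=48 seq=2 pid=4536
        refcnt=1
10.29.1.19[any] 10.29.1.0/24[any] any
        out none
        spid=46 seq=1 pid=4536
        refcnt=1
10.29.1.0/24[any] 10.29.11.0/24[any] any
        out ipsec
        esp/tunnel/203.0.113.106-198.51.100.225/unique#16417
        spid=47 seq=0 pid=4536
        refcnt=1
"""

SELECTOR = re.compile(r"^(\S+?)\[\S+\]\s+(\S+?)\[\S+\]\s+\S+$")

def parse_spd(text):
    """Return (src_net, dst_net, direction, action) for each policy in the dump."""
    policies, selector = [], None
    for line in text.splitlines():
        m, parts = SELECTOR.match(line), line.split()
        if m:  # unindented "src[port] dst[port] proto" line opens a policy
            selector = [ipaddress.ip_network(a, strict=False) for a in m.groups()]
        elif selector and parts and parts[0] in ("in", "out"):
            policies.append((selector[0], selector[1], parts[0], parts[1]))
    return policies

def outbound_action(policies, src, dst):
    """Action of the first 'out' policy (dump order) covering src -> dst."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, direction, action in policies:
        if direction == "out" and src in src_net and dst in dst_net:
            return action
    return None  # no policy selects the packet, so it is not encapsulated

POLICIES = parse_spd(SPD_DUMP)
```

With the LAN host's own address as source, `outbound_action(POLICIES, "10.29.1.34", "10.29.11.1")` returns `ipsec`; with the WAN address seen in the capture line as source, it returns `None`, because no selector in the dump covers that source.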

