Interesting traffic is not encapsulated

Eugene

1.2.3-RC1
LAN=10.29.1.19/24
WAN=x.x.x.106

remote LAN=10.29.11.1/24
remote WAN=x.x.x.225
Tunnel is up.

When I do from pfSense itself ping -S 10.29.1.19 10.29.11.1 everything goes well, ESP packets and ping reply.
When I do ping 10.29.11.1 from 10.29.1.34 connected to LAN traffic goes NATed out of WAN:
18:51:33.862273 IP x.x.x.106 > 10.29.11.1: ICMP echo request, id 22499, seq 57389, length 40

10.29.1.0/24[any] 10.29.1.19[any] any
        in none
        spid=45 seq=3 pid=4536
        refcnt=1
10.29.11.0/24[any] 10.29.1.0/24[any] any
        in ipsec
        esp/tunnel/x.x.x.225-x.x.x.106/unique#16418
        spid=48 seq=2 pid=4536
        refcnt=1
10.29.1.19[any] 10.29.1.0/24[any] any
        out none
        spid=46 seq=1 pid=4536
        refcnt=1
10.29.1.0/24[any] 10.29.11.0/24[any] any
        out ipsec
        esp/tunnel/x.x.x.106-x.x.x.225/unique#16417
        spid=47 seq=0 pid=4536
        refcnt=1

Please any hint -(

blak111

Does your firewall allow rule on the LAN interface use the default routing table?

xyeba

@blak111:

Does your firewall allow rule on the LAN interface use the default routing table?

firewall rule -  "from any to any" for all interfaces ….