IPSEC site to site on LAN2 port. Traffic is routed through WAN1 and not through the tunnel (LAN2 port on Netgate 6100).
I have a setup with two Netgate 6100s in HA. I made a site-to-site IPsec VPN tunnel from my site A to site B. I have used the LAN2 port on site A, and it is connected to an MPLS router. Site B is a SonicWall NSA2700 firewall.
The tunnel is up, and I can ping hosts on site B from firewall A (diagnostic menu). From site B, I can ping hosts on site A from firewall B and also from hosts on site B.
I cannot ping hosts on site B from the hosts on site A. When running a tracert, I can see that pfSense is routing the traffic through the WAN1 GW. Even more strange, WAN1 is not the default gateway; it has tier 2 in the GW group, and WAN2 has tier 1.
When I disable the interface on WAN1, everything works as expected. I have spent hours troubleshooting, and now I need help... Am I missing something?
@Anders-Mogensen-0 After many hours of troubleshooting, I found a "rogue" unit on the network with the same IP!
But it is still strange that disabling the WAN1 port would make everything work as expected...