Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC site to site on LAN2 port. Traffic is routed through WAN1 and not through the tunnel (LAN2 port on Netgate 6100).

    Scheduled Pinned Locked Moved
    IPsec
    1
    2
    120
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Anders Mogensen 0
      last edited by Anders Mogensen 0

      I have a setup with 2 Netgate 6100 in HA. I made a Site to site IPSEC VPN tunnel from my site A to Site B. I have used the LAN2 port on site A, and it is connected to a MPLS router. Site B is a Sonicwall NSA2700 firewall.
      The tunnel is up, and I can ping hosts on site B from firewall A (diagnostic menu). From site B, I can ping hosts on site A from firewall B and also from hosts on site B.
      I can not ping hosts on site B from the hosts on site A. When running a tracert, I can see that PFSense is routing the traffic through the WAN1 GW. Even more strange, WAN1 is not the deafult gateway, it has tier 2 in the GW group, WAN2 has tier1.
      When I disable the interface on WAN1, everything works as expected. I have used hours on troubleshooting, and now I need help... Am I missing something?

      A 1 Reply Last reply Reply Quote 0
      • A
        Anders Mogensen 0 @Anders Mogensen 0
        last edited by

        @Anders-Mogensen-0 After many hours of troubleshooting, I found a "rough" unit on the network with the same IP!
        But it is still strange, that disabling the WAN1 port, would make everything work as expected...

        1 Reply Last reply Reply Quote 1
        • First post
          Last post