<![CDATA[IPSEC do not route trafic coming from other IP's (not local subnet but from a subnet connected with a router with local)]]>

<![CDATA[IPSEC do not route trafic coming from other IP's (not local subnet but from a subnet connected with a router with local)]]>Hi,
I am new on pfSense and IPSEC and now I am stuck for few days trying to configure all I need.

I have next config:
my local net: 10.10.0.x with gw 10.10.0.254 (used for internet connection)
on the gw i have also a openvpn server and clients have ip's in 10.8.0.x and gw for them on 10.8.0.1

I installed pfSense for IPSEC and in next time want to move slowly all services form old router (ClearOS) on pfSense.
So I have pfsense on 10.10.0.200 and remote net is 10.30.0.x.
All routing between 10.10.0 and 10.30.0 are working ok.
The same from 10.8 to 10.10
But when I try ping from 10.8 ip to IPSEC ip, pfsense receive on xn0 interface the ICMP packet but do not pass to enc0. I receive TTL expired in transit.

If i ping from 10.30.0 ip to 10.8.0.1, packet go to destination and when return stuck in the same place, on xn0 interface of pfsense.
As I told, ping from 10.8 to 10.10.0.200 is ok. Also ping from 10.30 to 10.0.0.254 is ok.
I do not understand why pfsense do not want to route a packet to 10.30 comming from 10.8

Any advice is welcome.
Thanks

]]>https://forum.netgate.com/topic/195764/ipsec-do-not-route-trafic-coming-from-other-ip-s-not-local-subnet-but-from-a-subnet-connected-with-a-router-with-localRSS for NodeTue, 17 Mar 2026 03:21:48 GMTSat, 28 Dec 2024 22:20:31 GMT60<![CDATA[Reply to IPSEC do not route trafic coming from other IP's (not local subnet but from a subnet connected with a router with local) on Sun, 29 Dec 2024 09:58:53 GMT]]>Hi,
you may try do reboot the pfsense, the routing table is sometimes a little bit weird.

]]>https://forum.netgate.com/post/1200901https://forum.netgate.com/post/1200901Sun, 29 Dec 2024 09:58:53 GMT