Netgate Discussion Forum

    One way traffic over Tailscale VPN

      ag0s
      last edited by ag0s

      We have a very basic configuration between three locations. All are running Netgate firewalls (1x 4100, 1x 6100 & 1x 4200). All are on the latest firmware (03.00.00.01-2Ct-uc-15) and system versions (24.11-RELEASE).

      The local subnets are as follows:
      4100 - 192.168.5.0/24
      4200 - 192.168.4.0/24
      6100 - 192.168.1.0/24

      The VPN traffic between the 4100 and 4200 is functioning 100% as expected.

      The traffic between 6100 and the 4100 works going from the 4100 subnet (192.168.5.0/24) to the 6100 subnet (192.168.1.0/24).

      Traffic from the firewall (i.e. the 6100 device) to the 4100 subnet works (i.e. I can ping any device on the 192.168.5.0/24 subnet from the 6100 firewall) but I cannot ping any device on the 4100 (192.168.5.0/24) subnet from any device on the 6100 subnet (192.168.1.0/24) - other than from the firewall itself.

      All routes are correct, but it seems that traffic from the 192.168.1.0/24 subnet hits the firewall and then gets lost - traceroute shows that it goes off into the internet.

      Note too that the 6100 has IPsec VPN configured on it as well.

      Suggestions would be appreciated.

      Attached is a zipped PDF file with the relevant screenshots:
      Relevant screen shots.zip

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.