Netgate Discussion Forum
    Help me troubleshoot IPsec tunnels not routing properly?

agrikk:

I have a network set up with two sites connected across a WAN link, and I'm having a problem getting everything talking to everything else. I have three /24 subnets, 192.168.1.0, 192.168.2.0 and 192.168.3.0, and devices in the .3 subnet can ping any device in any of the three subnets. But devices in the .1 or .2 subnets cannot ping past the LAN interface of the .3 subnet. They can ping 192.168.3.1 but cannot ping anything else.

      I'm fairly certain it's a routing issue, but I haven't been able to make anything work. Help!
[image: network.PNG]

To clarify: devices in 192.168.1.0 and 192.168.2.0 can ping the LAN interface of pfsense2 (192.168.3.1) but cannot ping any device in that subnet (e.g. 192.168.3.10). Devices in that network, however, can ping all devices in 192.168.1.0 and 192.168.2.0.

Because I can ping a LAN interface but not a device in the network, it feels like a routing issue rather than a firewall issue, but I can't see what I'm missing in my configuration.
[image: pfsense1.jpg]
[image: pfsense2.jpg]
[image: pfsense1 ipsec status.jpg]
[image: pfsense2 ipsec status.jpg]
[image: pfsense1 firewall rules.PNG]
[image: pfsense2 firewall rules.PNG]


viragomann (replying to agrikk):

@agrikk
I suspect that the destination device in 192.168.3.0/24 blocks access from outside of its subnet.


agrikk (replying to viragomann):

          @viragomann This was exactly what it was: it was Windows Firewall running on that server.

          Gaaaaa!

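The symptom in this thread (the remote gateway's LAN address answers, a host behind it does not, while the host itself can reach everything) is what a host firewall scoped to "local subnet" looks like from the outside. As an added example, not code from the thread or from Netgate, the PowerShell below is run on the Windows server in 192.168.3.0/24: it lists the enabled inbound rules that accept ICMPv4 and prints each rule's remote-address scope, then adds a rule that admits echo requests only from the two remote-site subnets named in the thread. The rule name and the Domain/Private profile selection are assumptions.

```powershell
# Added example (not from the thread). Inspect and then fix the inbound
# Windows Defender Firewall scope for ICMPv4 echo on a host in 192.168.3.0/24.
# Subnets are the thread's: 192.168.1.0/24 and 192.168.2.0/24 are the remote
# sites reached over the IPsec tunnel.
$remoteSites = @('192.168.1.0/24', '192.168.2.0/24')

# 1. Which enabled inbound rules allow ICMPv4, and from where?
#    A RemoteAddress of "LocalSubnet" reproduces the thread's symptom exactly:
#    pings from 192.168.3.0/24 succeed, pings from the tunnel subnets are dropped.
Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object { ($_ | Get-NetFirewallPortFilter).Protocol -eq 'ICMPv4' } |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Name          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = ($addr.RemoteAddress -join ',')
        }
    } | Format-Table -AutoSize

# 2. Add a rule scoped to the two remote sites only (IcmpType 8 = echo request),
#    rather than widening the built-in rule's scope to "Any".
#    Rule name and profile choice are assumptions for this example.
New-NetFirewallRule -DisplayName 'Allow ICMPv4 echo from VPN sites' `
    -Direction Inbound -Protocol ICMPv4 -IcmpType 8 `
    -RemoteAddress $remoteSites -Action Allow -Profile Domain,Private
```

Run step 1 first and adjust the rule only if the listing shows the echo rule limited to LocalSubnet. Keeping the new rule scoped to the tunnel subnets preserves the default posture for every other source; the same LocalSubnet scoping applies to the other File and Printer Sharing rules, so a host that is pingable but still unreachable on SMB or RDP from the remote sites needs the same check for those rules.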
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.