Tunnel accessible one way
deresistance last edited by
I have a nice IPSec tunnel set up between pfSense and m0n0wall at 2 locations connected through 1 connection. Recently I installed another provider at the pfSense side and I am doing a load-balanced connection. Since I have done this, I cannot access my remote location (m0n0wall side). Yet I have some servers doing DFS replication that CAN access my other location through the tunnel. From the remote location I can access everything on the other side with no issues. I have a feeling it's an issue where I am being routed to a bad location?
Is there anything I should set on my local LAN so that it routes all the remote subnet to the correct connection? Obviously the IPSec tunnel is connecting to 1 ISP, no failover or anything yet.
(Loadbalance WAN1, WAN2)
So long story short, when on the 220.127.116.11 subnet I cannot access the 10.0.0.0 subnet. I can vice versa. Is it because my local traffic is being load balanced to the wrong WAN interface? What is the fix?
sullrich last edited by
1. Traceroute to a host on the other end of the tunnel.
2. Double check firewall rules on each end of the tunnel and ensure that it is allowing the traffic.
hoba last edited by
Add a firewall rule like this at the load-balancing pfSense (top of the firewall rules):
pass, protocol any, source lan subnet, destination network 10.0.0.0/24, gateway default
This will fix it.