Pfsense 2.0 / policy based routing

  • I have been fighting with this for 5-6 hours now and have not been able to figure it out. I have set up two OpenVPN tunnels going across two ISP connections (site-to-site) and created gw groups on each side so that I can fail over to one connection or the other, or apply other rules, but this fails. Policy based routing simply will not allow the traffic to come back through the tunnel. If I add a static route it comes up, but of course this only works with one tunnel or the other. My setup looks like the following:

                    -> connection 1 10.x.x.20/30
                    -> connection 2 10.x.x.24/30

    (PTP-Client) same, routes and gw's are added on both sides, but unless I have a static route pointing to one of the gw's it will not pass traffic back (I say back because if I do a tcpdump I can see the traffic on the other end of the pipe, but the traffic does not return back to the originating –> ping host on side b, side b sees ping packet, but packet does not get back to side a).

    Hope someone has some ideas!


