Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Default GW on WAN not reachable after adding GRE OPT1

    Scheduled Pinned Locked Moved IPsec
    2 Posts 1 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bc2011
      last edited by

      Hi there.

      I'm having this strange issue with latest pfsense setup. I have pfsense with WAN and LAN and server in LAN network. In that setup everything works OK. But when I add GRE tunnel - OPT1 interface is added my default GW is not reachable anymore, so DNS queries, ntp, browsing etc … is impossible from internal side. NAT rules from internet works fine. Any ideas. It's enough to disable OPT1 to get access to the internet.

      1 Reply Last reply Reply Quote 0
      • B
        bc2011
        last edited by

        I've tried with previous version of pFsense and i figure out following:
        traffic from internal network to outside stop working when I add this static route, which has remote GRE ip address for gateway,
        to explain it a bit more (ip addresses are not real in following example)

        WAN on my side 193.2.2.116 (IPSEC)
        GRE on my side 193.2.2.116

        WAN on provider side 89.22.33.233 (IPSEC)
        GRE on provider side 76.44.33.211

        I'm having both ipsec and GRE on same FW, provider does not, so ipsec needs to be established first for GRE to work

        problem here is that as soon as I enter this static route like

        10.20.40.64/27 via 76.44.33.211 (remote GRE) on my pfSense firewall

        my default GW is not reachable anymore, so DNS queries, ntp, browsing etc … is impossible from internal side.
        traffic from outside still works, ipsec and GRE are up, but's it's really annoying, I can't even update my windows server behind pfSense,

        any ideas, anyone?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.