Tunnel with custom default gateway on WAN
I'm trying to connect the internal network of two esxi boxes using ipsec. The setup is working in my homelab just perfect, but I'm having trouble setting everything up and running on OVH.
OVH has a restriction to use the main IP of the server for every ip subnet as a gateway.
Consider you have the following IP: 22.214.171.124
And this subnet: 126.96.36.199/30
You'd have to use 188.8.131.52 as a gateway for every ip in 184.108.40.206/30.
I'm using shellcmd to set up the following routes for the WAN interface:
route add -net 220.127.116.11/32 -iface em0
route add default 18.104.22.168
This is working and I get connectivity on the WAN and the internal network. I've setup ipsec between my two pfsense hosts using LAN 192.168.0.1/24 and LAN 192.168.1.1/24 just like in my homelab (added firewall rules, made sure ipsec connects and stays alive). Everything seems to work, except when I try to connect to a host on the other side of the net. I'm not even able to ping the internal address of the other pfsense box.
I think the problem is that pfsense routes all traffic over the 22.214.171.124 gateway I added with shellcmd to get WAN connectivity.
allowed also all traffic in ipsec tunnel? (rule)
Yep (ipsec): IPv4 * * * * * *
Hello, I'm in the same boat, so I'm curious to know if you managed to setup your IPSec tunnel on the OVH infrastructure?