IPsec tunnels cause SQL connections to stop



  • Hi there,

    I have a pfSense box running 2.1.5. I have 3 interfaces set up on it. The WAN interface is using a 4G dongle, which is fine. Then the 2 LAN interfaces are the other 2. When I have no IPsec tunnels running, or the dongle is not connected so there is no internet connection, then I can get an SQL connection from the one LAN to the SQL server on the 2nd LAN.

    But as soon as the IPsec tunnels come online, I am unable to make an SQL connection to that server. I am able to make other connections to it: Windows Explorer, VNC, pings. But no SQL.
    I have rules in place to allow it to make the connection, and I can see the traffic being generated and allowed through, but still, with IPsec online, no SQL connections will work.

    Any ideas?



  • I have been trying to figure this one out and found something else strange going on.

    When the IPsec tunnels are up, if I try to ping that SQL server's IP from pfSense and from the same interface it connects to, it then seems to direct the traffic back down the IPsec tunnel, as I see the traffic hitting the firewall on the other end.
    No IPsec, then it seems to go direct.

    How can I specify that even with IPsec, local addresses can be found locally?

    May be relevant, but I have compared route tables and ARP tables between IPsec connected and not connected and they are the same.