Can't pass traffic from default interface through tunnel



  • Hi!

    Strange! This was fully working with 2.1.5. One side is a 2.2.1 now and name resolution is acting up from the 2.2.1 side.

    I can ping back and forth from both LANs (with hosts). The problem is that name resolution is not working. I've got a "Domain Overrides" which points to the other side's DNS.

    Tried to ping, from Diagnostics, from default interface. No go. Pinging from LAN interface is OK.

    […] time passes tries stuff. When I read my above explanation it gave me an idea to test.

    SOLVED. But is this the right way to do it?
    I changed the "Outgoing Network Interfaces" for DNS Resolver to LAN and name resolution works.  :-\

    Tried to ping from the console through the tunnel. Doesn't work.
    Is there something here I don't understand about IPSEC?

    Brgs,



  • Talking to myself. No, not crazy at all  :o

    My solution above is not the right way I think. The underlying issue with IPSEC is traffic from pfSense, how to get it to route its own traffic.

    This solved the problem with "DNS Resolver" not working, that is, not reaching a DNS on the other side of the tunnel. After this I could restore the setting for "Outgoing interface" to "All" instead of "LAN".

    https://doc.pfsense.org/index.php/Why_can't_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN


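Why traffic originated by the firewall misses a policy-based IPsec tunnel while LAN hosts get through, modelled as an added example that is not part of the original posts. All addresses, the phase 2 selector and the static route bound to the LAN address are constructed assumptions used for illustration.

```python
import ipaddress as ip

# Constructed addressing (assumptions, not taken from the thread).
WAN_ADDR = ip.ip_address("203.0.113.10")   # firewall's WAN address
LAN_ADDR = ip.ip_address("192.168.1.1")    # firewall's LAN address
REMOTE_DNS = ip.ip_address("10.20.0.53")   # DNS server behind the tunnel
# Phase 2 selector of a policy-based tunnel: (local subnet, remote subnet).
PHASE2 = [(ip.ip_network("192.168.1.0/24"), ip.ip_network("10.20.0.0/24"))]

# Routing table as (destination network, source address of the egress interface).
DEFAULT_ONLY = [(ip.ip_network("0.0.0.0/0"), WAN_ADDR)]
# Hypothetical workaround: static route for the remote subnet bound to LAN.
WITH_STATIC = DEFAULT_ONLY + [(ip.ip_network("10.20.0.0/24"), LAN_ADDR)]


def source_for(dst, routes):
    """Longest-prefix match; an unbound socket takes the address of the
    interface that the winning route points out of."""
    matches = [(net, src) for net, src in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def enters_tunnel(src, dst, selectors=PHASE2):
    """A packet is encrypted only if BOTH ends match a phase 2 selector."""
    return any(src in local and dst in remote for local, remote in selectors)


def firewall_query(dst, routes, bind=None):
    """Model a packet originated by the firewall itself (resolver, ping).
    `bind` models forcing the source, e.g. choosing LAN as outgoing interface."""
    src = bind if bind is not None else source_for(dst, routes)
    return {"src": str(src), "tunnel": enters_tunnel(src, dst)}


if __name__ == "__main__":
    cases = {
        "default interface": firewall_query(REMOTE_DNS, DEFAULT_ONLY),
        "bound to LAN": firewall_query(REMOTE_DNS, DEFAULT_ONLY, bind=LAN_ADDR),
        "static route via LAN": firewall_query(REMOTE_DNS, WITH_STATIC),
    }
    for name, result in cases.items():
        print(f"{name:22} src={result['src']:14} tunnel={result['tunnel']}")
```

With only the default route, the query leaves with the WAN address as source, matches no phase 2 selector, and goes out unencrypted toward the Internet instead of into the tunnel.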