Can't pass traffic from default interface through tunnel
-
Hi!
Strange! This was fully working with 2.1.5. One side is a 2.2.1 now and name resolution is acting up from the 2.2.1 side.
I can ping back and forth from both LANs (with hosts). The problem is that name resolution is not working. I've got a "Domain Overrides" entry which points to the other side's DNS.
Tried to ping, from Diagnostics, from default interface. No go. Pinging from LAN interface is OK.
[…] time passes tries stuff. When I read my above explanation it gave me an idea to test.
SOLVED. But is this the right way to do it?
I changed the "Outgoing Network Interfaces" for DNS Resolver to LAN and name resolution works. :-\
Tried to ping from the console through the tunnel. Doesn't work.
Is it something here I don't understand about IPSEC?
Brgs,
-
Talking to myself. No, not crazy at all :o
My solution above is not the right way, I think. The underlying issue with IPSEC is traffic from pfsense, how to get it to route its own traffic.
This solved the problem with "DNS Resolver" not working, that is, not reaching a DNS on the other side of the tunnel. After this I could restore the setting for "Outgoing interface" to "All" instead of "LAN".
https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN
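
Added example, not part of the original posts and not pfSense code: a small Python model of why the symptoms above differ by source interface. A policy-based IPsec tunnel only carries packets whose source and destination both fall inside a phase 2 selector, and traffic the firewall originates itself normally leaves with the address of the interface its route points out of. All addresses, the `Phase2` class and the function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Phase2:
    """One phase 2 traffic selector: local network <-> remote network."""
    local: ipaddress.IPv4Network
    remote: ipaddress.IPv4Network


# Constructed sample values (assumptions, not taken from the thread).
PHASE2 = [Phase2(ipaddress.ip_network("192.168.10.0/24"),
                 ipaddress.ip_network("192.168.20.0/24"))]
INTERFACES = {"WAN": "203.0.113.10", "LAN": "192.168.10.1"}
REMOTE_DNS = "192.168.20.53"


def matching_phase2(src, dst, entries=PHASE2):
    """Return the selector that would tunnel src -> dst, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for entry in entries:
        if s in entry.local and d in entry.remote:
            return entry
    return None


def firewall_query_path(source_interface, dst=REMOTE_DNS):
    """Where a firewall-originated packet goes for a given source interface."""
    src = INTERFACES[source_interface]
    if matching_phase2(src, dst):
        return "tunnel"
    return "default route (outside tunnel)"


def audit(dst=REMOTE_DNS):
    """Check every firewall interface address against the selectors."""
    return {name: firewall_query_path(name, dst) for name in INTERFACES}


if __name__ == "__main__":
    for name, path in audit().items():
        print(f"{name:4} {INTERFACES[name]:15} -> {REMOTE_DNS}: {path}")
```

A query sourced from the WAN address matches no selector and never enters the tunnel, while one sourced from the LAN address does, which is consistent with the ping and DNS Resolver results described in the posts.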