Announcement

Collapse
No announcement yet.

IPsec binding to wrong interface

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • IPsec binding to wrong interface

    Hi,

    I'm having difficulty controlling what policies my IPsec's are hitting.

    I have the following networks/interfaces:
    WAN x.x.x.x/27
    LAN 192.168.0.0/24
    DMZ 192.168.140.0/24
    GUEST 192.168.10.0/24

    IPsec1 = 192.168.6.0/24
    IPsec2 = 10.10.100.0/24

    I've attached three screenshots, the first shows the traffic from IPsec1 appears to originate from GUEST, thus hitting the "Guest - WiFi" policy. I then disabled the GUEST interface and then traffic now appears to come from DMZ and is hitting my "default" policy. So finally disable DMZ interface and now traffic is comming from LAN interface and not hitting any policy.


    Click image for larger version  Name:	1 - Guest.png Views:	0 Size:	29.2 KB ID:	395686 Click image for larger version  Name:	2 - DMZ.png Views:	0 Size:	29.4 KB ID:	395684 Click image for larger version  Name:	3 - LAN.png Views:	0 Size:	28.0 KB ID:	395685

    When going from LAN to IPsec network, the traffic goes to WAN.

    Click image for larger version  Name:	4 - WAN.png Views:	0 Size:	30.2 KB ID:	395687

    Whats going on???, cause this is really concusing.

  • #2
    Still suffering from the issue :-(

    Has no one seen this behaviour or have been able to replicate it?

    I don't understand why traffic physically originating on the WAN interface destined for the LAN interface, is looped over a third interface. The IPsec has been working solidly since I started with untangle and broke after I upgraded from 16.5.2 to 16.6.1.


    /Peter
    Attached Files

    Comment

    Working...
    X