Paul Mansfield wrote:
On 22/09/09 17:36, Scott Ullrich wrote:
That is normal. Traffic on the firewall itself prefers the system
routing table. Clients behind the firewall will prefer the IPSEC
tunnel. Pretty sure that is documented somewhere on the doc site.
If you want connections initiated by the firewall to go over the IPSEC
tunnel, you have to add a static route to the remote LAN via the local
LAN IP.
E.g. if the remote network is 10.20.30/24 and the LAN is 10.10.10.1, the static
route looks like this...
INTERFACE   NETWORK          GATEWAY
LAN         10.20.30.0/24    10.10.10.1
Sorry, it does not make much sense to me. You can have this route but it
will never work.
Eugene.