Dear Support,

I have multiple WANs at one site, and I have a few different places which I am connecting tunnels to. It appears that creating new connections to the end points is a little unpredictable.
I can't seem to control which interface the initial contact packets come from. I don't know how to explain this, but let's say I have two WAN connections. I have named them CABLE and LEASED. Several tunnels work fine, but these last two have been completely out of control. No matter what, in one case I am going down the wrong line. According to IPsec policy this tunnel is configured for Interface "CABLE", and everything else is set properly.

Site-A has two lines. Site-B has only one. Site-B can instantiate a successful VPN connection, Site-A cannot. Site-A persistently, in this one tunnel's case, is using the wrong line. I cannot determine a good method for forcibly routing the traffic, and racoon doesn't seem to honor the source-interface configuration. Racoon is binding to the correct IP addresses.

On the same topic, I was unable to successfully convince racoon to bind to a virtual IP as well. I have been forced to use the Interface IPs.

Advice, help, ideas?

Sincerely,
Joshua