Hi Noel,

Quick update to the thread.

I know that pfSense is not related to this mailing list, but as a proof of 
concept for the issues described here the pfSense LAB site-to-site was set up 
and it worked flawlessly 👉 
https://blog.infoitech.co.uk/pfsense-ipsec-vpn-routed-vti-site-to-site/

I have switched one of the pfSense boxes used in the example above to establish 
the tunnel with my Linux box and still the same issues as before.

I am writing a script to capture packets throughout all my iptables chains and 
I will then analyze the captures to see if I can spot something.

Best Regards,

Tiago.

________________________________
From: Users <users-boun...@lists.strongswan.org> on behalf of Tiago Stoco 
<tmsbl...@msn.com>
Sent: Friday, September 10, 2021 7:31 AM
To: Noel Kuntze <noel.kuntze@thermi.consulting>; Noel Kuntze 
<noel.kuntze+strongswan-users-ml@thermi.consulting>; Tobias Brunner 
<tob...@strongswan.org>; users@lists.strongswan.org <users@lists.strongswan.org>
Subject: Re: [strongSwan] IPSec route based VPN - VTI interface TX Errors 
NoRoute

Hi Noel,

I did not give up on this yet. The last couple of days were quite busy at work 
and home.

However, I have managed to draw a diagram on how I believe the site-to-site VPN 
would work 👇

https://blog.infoitech.co.uk/content/images/2021/09/ipsec_diagram2.png

It is quite obvious how the traffic should flow through the VPN tunnel to allow 
the subnets to talk to each other.

I have managed to spin up a new VM running pfSense to test a pfSense to pfSense 
setup and then I will spin another VM to replicate the example you have shared.

Finally, I will be able to verify if my idea will work and be able to identify 
where the anomaly is in my current setup.

Wish me luck,

Best Regards.

Tiago


________________________________
From: Noel Kuntze
Sent: Friday, September 3, 2021 6:22 PM
To: Tiago Stoco; Noel Kuntze; Tobias Brunner; users@lists.strongswan.org
Subject: Re: [strongSwan] IPSec route based VPN - VTI interface TX Errors 
NoRoute

Hello Tiago,

It's more meant as a practical example on how to configure this and to look for 
anomalies in your setup.

Kind regards
Noel

On 03.09.21 at 22:54, Tiago Stoco wrote:
> Hi Noel,
>
> I will replicate the example below in my lab in the hopes to better 
> understand the concepts behind an IPSec VPN tunnel.
>
> Tiago Stoco.
>
>
