Hi Rudy, thanks for answering. I have a default route and I had success while using localhost as gateway in the past. But static routes no longer help. I tried your proposal with a fictive gateway. No chance.
Would be interesting if the same bug happens with wireguard.

> On 01.11.2020 at 02:10, Rudy Baker <rizzz2...@gmail.com> wrote:
>
> I might be off, maybe the problem was fixed in later releases but on OpenBSD
> 5 if I had an IPsec tunnel to a network with no actual route in the routing
> table for that network (and no default gateway), things wouldn't be routed
> through the tunnel.

I’m not aware of any fix or official statement since 4.x
Time to move away from OpenBSD. )-:

>
> I could even set up a route that led to a bogus gateway just so that there
> was a route to the network in the table and it would obey the tunnel. A
> default gateway would fix the issue too since that traffic would match that.
>
> So I would say make sure you have a route to the network across the tunnel or
> even a default gateway set. It sounds dumb since on every other os on the
> planet IPsec creates routes but seems on BSD, you need to have a real route
> defined before it falls through to the IPsec routes and sends the traffic
> through that.
>
> It's a long shot but hope it helps

Axel
---
PGP-Key: CDE74120 ☀ computing @ chaos claudius