Project

General

Profile

Actions

Bug #8549

closed

IPsec: Enable bypass for LAN interface IP has no effect when supernetting in IPSec P2

Added by Lars Wolos over 6 years ago. Updated about 5 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
06/06/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

My current setup allows access to the LAN Interface IP (192.168.1.1/24) through the IPsec VPN connection no matter how the above option is set. I have only one IPsec connection, which is set to use supernetting in IPsec Phase 2 (192.168.0.0/23, locally). I have a static route set in pfSense to some other gateway to my other local network (192.168.0.0/24) and VPN works like a charm, both local networks (192.168.0.0/24 and 192.168.1.0/24) can be reached through the tunnel, however including LAN interface IP 192.168.1.1/24 which is what I want to report as a bug. (SG-4860, 2.4.3-RELEASE-p1, amd64)

Actions #1

Updated by Jim Pingle about 5 years ago

  • Project changed from pfSense Packages to pfSense
  • Category set to IPsec
  • Status changed from New to Not a Bug

Not enough here to say what's going on, start a forum thread if it's still a concern. Bypass LAN wouldn't have anything to do with traffic arriving over IPsec.

Actions

Also available in: Atom PDF