Bug #9036: The bypasslan feature should be configurable for any interface. - pfSense - pfSense bugtracker

Actions

Copy link

Bug #9036

closed

The bypasslan feature should be configurable for any interface.

Added by NCATS LAB about 6 years ago. Updated about 6 years ago.

Status:

Duplicate

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

10/11/2018

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

Affected Architecture:

Description

In StrongSwan, the bypasslan feature is configurable for any interface.
However, in pfsense we are limited to only the interface labeled LAN.

This will force us to use route VTI, which we really don't want to use as:
1. Strongswan lists routevti and bypasslan as incompatible
2. We don't want to have to start carving out /30 subnets to make route based VPNs to work.

Please make bypasslan configurable for any interface.

Note: This seems to say bypasslan and route based lans are incompatible. Is this true for the pfsense implementation?
https://wiki.strongswan.org/projects/strongswan/wiki/Bypass-lan

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #9036

The bypasslan feature should be configurable for any interface.

Updated by Jim Pingle about 6 years ago

Updated by NCATS LAB about 6 years ago

Updated by NCATS LAB about 6 years ago

Updated by Jim Pingle about 6 years ago