I have two IPFire-Boxes successfully deployed, one at the GH site and one at the
PB site, both running version IPFire 2.29-197.
The ORANGE networks at both sites are connected via IPSEC.
IPSEC is connected via VTI (172.31.77.0/29) and works
ORANGE GH = 192.168.77.254/24 VTI = 172.31.77.2
ORANGE PB = 192.168.76.254/24 VTI = 172.31.77.3
Static routes:
Location GH: 192.168.76.0/24 via 172.31.77.3 (VTI)
Location PB: 192.168.77.0/24 via 172.31.77.2 (VTI)
Ping from IPFire to all connected devices on the local network works perfect.
Ping from IPFire to almost all connected devices on the remote network works – except for .253 devices!
Why are the .253 addresses reachable/pingable from the local network,
but not from the remote network connected with IPSEC?
No special firewall rules have been entered,
swanctl --list-sas shows established,
IPSEC-Log/charon - no ERRORs
Are the .253 devices routing type devices? If so, could they be sending non-local source IPs out from their external interfaces or default routes rather than back into the LAN?
I know there are some devices which won’t respond to anything outside their own LAN subnet. I have seen this mainly on routers, but I suspect the ILO on my HPE server falls into the same category.
The SNAT rule is great for getting through the Windoze firewall on workstations and others. My mother’s Virginmedia router defeated me even with this, which leads me to believe it was inspecting the http headers .
Hello,
Yes - it’s definitely the device (OMADA) itself; changing the IP addresses on the OMADA devices resulted in the same effect - no respond! The device was replaced by a Raspberry Pi, and now it works. Strange!
.