Hi, I was wondering if someone could explain the following behaviour and why it might be happening.
2x internet interfaces I-1 and I-2
L2TP IPSEC VPN from remote sites connecting into I-2
Remote site ip address is R-1
1. If I set the default route for the router to gateway=I-2 then the incoming connections from the remote site works fine so the basic VPN configuration is all ok.
2. If I set the default route to gateway=I-1 but I put a specific route in for R-1 to go through gateway=I-2 then this also works ok.
3. If I leave the default gateway=I-1 and instead of adding a specific route for R-1, I mark traffic in the OUTPUT mangle chain with a routing mark of "Route-2". I then add a route for routing-mark "Route-2" and tell it to use gateway I-2 then the VPN will never connect.
It is as though IPSEC traffic is somehow excluded or ignored in the mangle rules for routing which is odd as these same mangle rules catch other traffic leaving the router without any problems.
Any help or advice would be greatly appreciated.