Ok so we're getting somewhere

When we transfer files from one Hyper-V HOST to another HOST, the traffic lights up and we can see all graphs, and peer status changes to UP

Not so much for the VMs

They all use the same NIC to communicate between the ends, so it is strange that WanOS is not "seeing" the traffic passing in them but is for the Hosts

We tried disabling virtual machine queues and IPsec offloading on the guest VMs without success

Still searching for a cause, any tips?

Thanks for answering! Here are some screenshots (attached)

We are now using UDP encapsulation to test everything

I can see traffic passing on passthrough, but not a single thing on optimized traffic. When I go to network / protocols I have graphs on both WAN and LAN, but it seems to be a very small amount. That made me suspect that TMG is encrypting traffic before WanOS, and since it can't optimize encrypted traffic, it passes through all, therefore being a problem with our topology

Can you see anything inherently wrong in our configuration?

I will try switching interface roles.


We are trying WanOS v3.2.3 VM on 2 sites (HQ and Branch) in bridge mode, following the tutorial here:

The VMs are using 2 GB of RAM and 4 cores each

We use TMG as UTM, which closes an IPsec tunnel from HQ to Branch

Normally, it is like this:

Branch and HQ both use a 20/20 Mbps dedicated link, HQ is and branch

HQ-LAN - HQ-TMG - Internet - Branch-TMG - Branch-LAN

What we are trying to achieve is this:

HQ-LAN - HQ-WAN_OS - HQ-TMG - Internet - Branch-TMG - Branch-WAN_OS - Branch-LAN

TMG has a WAN and a LAN NIC; the WAN NIC is attached to a port connected directly to the internet router, the LAN to the local LAN

WanOS virtual WAN port is attached to the virtual LAN interface of the TMG; its LAN port is configured as internal-only on Hyper-V

We can see traffic passing on WanOS dashboard on both ends, but no optimized traffic rx/tx, only pass-through

Peer status always lists as "Idle", regardless of how we configure multisite

We tried changing encapsulation from IPComp to UDP on both ends, no luck

We even tried to trial keys on both ends to see if this was a problem, no luck

In both sites, the logs don't show the "peer detected on lan0" messages

Diagnostics screens show all "OK" except password changed, which we don't believe may be the source of the problem

Did we miss a step in the configuration?

How can we diagnose the problem to make sure TMG is not the issue?


