To be blunt, I think you need to bring in somebody with more experience than you have.  If DNS didn't work then you wouldn't be able to map the share.  From what you've said it all sounds like an authentication problem.  When you map the share across the VPN:

a) Is the remote device on the domain?
b) Are you providing a username and password?

you could maybe, but not worth it, i don't think.  if you have a pfsense at the other site, have it do dhcp and have a different subnet over there.  there is nothing at all that requires PXE booting to be on the same subnet - you just need (IIRC) for the dhcp client options for site2 to point at the tftp server on site1 - once it has an IP everything should just work :)

@mhab12:

This worked for me some time ago on 1.2.2  I would suspect it's still a valid starting point.  Can't comment on your voip needs though…
http://forum.pfsense.org/index.php?topic=7840.msg45969

Thanks for the lead, I'll check it out.

@xerovis:

After we paid for support and asked for the config file we were told it would only work on a pre-release version of pfsense, which we could not download.

(resolved this long ago with xerovis privately but wanted to follow up here) That's not true, it only works with 1.2.3-RC versions, which are on all the mirrors.

The process is described here:
http://doc.pfsense.org/index.php/OpenVPN_Bridging

there are some issues with that, but it does work (with caveats). I'm working on updating that right now for an ideal configuration.

I have tried with Client-to-client enabled and disabled.  The PCs are getting the proper IPs and related settings.

yea give it a try set net bios to brodcast

ok… now this is embarresing.

After I posted this post, I was just checking again on all my configs, like Windows Settings, Openvpn and so on.

Then I thought: "ok let's do something stupid and switch the machine I try to log into SITE B from..." so I took another client and tried to access a PC of SITE B... and there it GOES!!! All working fine... After that I tried to access SITE B from the Windows Server again and it was working...

I can't explain why this works JUST NOW out of the blue but it does... so please ignore this stupid it guy and get on with the day  ::)

I've made some progress. The problem above still exists, but when I tried on a Windows machine I got a IP address via DHCP. However I can only connect to machines in the VPN Server network, on their public IP addresses. The client gets IP address 10.0.1.6/30 and default gateway is set to 10.0.1.5. Seems fine. The openVPN client is all green, and no error messages in the log file either on the server or client.

I cannot:

Ping my gateway, 10.0.1.5 Connect to any machine on internet except the ones in the VPN server network (public IPs)

I can:

connect to pfsense machine via HTTPS connect to another webserver in the same public network as the pfsense server make DNS req to the DNS server, also in the same network as the pfsense server

I have Outbound NAT (AON) for 10.0.1.0/28 to WAN interface address.

Yes this should be possible.

Yes you can configure everything in the GUI.
What doesn't work if you configure it as client?

I disabled compression on the server and client. This appears to have resolved the issue with the VPN bouncing.  I wish I knew why compression was causing the problem…it would be nice to have.

I also lengthened the keepalive to 'keepalive 10 120' on the server.

Elektro21

Edit:
Thought I had this fixed...but it is doing the same thing as before.  Down every 2 minutes (hence the 120sec timeout).  Still yet to determine why the link will not stay up...even with traffic across it.

Thanks!

GruensFroeschli,

Thanks so much for the advice – I've added this routing to both pfSenses and the gateway, and it now appears to work!  It still didn't cooperate until I remembered I had the firewall enabled on a linux box that was hosting the pfSense server on a VM -- needed to allow the remote network rather than just the LAN and WAN IP addresses of the pfSense box.  But the real sticking point was the routing, thanks again for your help.

-Ned

Well guess I will continue to use the external SNMP server.

Well I fixed the routing issue on pfSense by adding "ifconfig 10.0.0.5 255.255.255.0" to the custom options for the VPN.  But now my Windows client isn't routing my 10.0.0.0/24 traffic to the VPN.  I had it working originally but I don't even think it was working before I added the ifconfig to the VPN.

EDIT: Added "route 10.0.0.0 255.255.255.0" to the client config and all seems to be well.

Your diagram doesn't show where OpenVPN fits it, which makes it hard to answer.

The short version is - it is just networking, forward ports as you would normally.  Remember that the end point needs to have a fixed IP address.

i just had to typethe word edit at the end of the ipaddress for example 192.168.1.15/edit.php

Thanks neo.matrix_23, solution works in my end too. Best regards.

Okay, Reply #13 was very helpful. I added tun0 as OPT1 and then added an outbound NAT entry and now LAN traffic is able to go out the OpenVPN client.

Thanks GruensFroeschli for that tip.

OpenVPN works with public/private key pairs.  You need to issue a certificate to the client for it to connect.