Looks like the 'up' statement is already being used by one of pfSense's internal scripts. So I'm gonna have to use the 'route-up' statement to execute my command. Also, 'script-security' has already been set to 3, so setting it again would be redundant.

Glad you have everything up and running again. -Rico

@Konstanti Thx for the help. Indeed outbound NAT was enabled. After changing that everything works as exspected.

It's now resolved. It was none of the above. Changing tunnel network to be /30 resolved it. I tested it afterwards: switching to /24 works in one direction switching to /30 full routing in both directions It shouldn't happen. I did try on a fresh installs of pfsense. Piotr

@konstanti I get 3 simultaneous connections; One connection is dedicated to the pfSense box. The other two are used on family laptops when travelling.

@viragomann Thanks very much, that works perfectly :)

Thanks, all solutions works good for me.

Did you do the OpenVPN routes correctly this time? You should never set any static routes for OpenVPN. Set local and remote networks in the server and client configs and let OpenVPN do it. Else we're going to need screen shots of the configurations. Not a summary of what you think you did. OpenVPN server and client and Diagnostics > Routes probably a good place to start. Plus the specific IP address pairs and how you're testing.

i added to Concurrent connections number 5 but still not working . i want to mention that the openvpn working fine but from only single internet source if the client change the internet source or just ip changed cannot reconnect again

Managed to find the issue. Didn't open the advanced box and in there was an option to select gateway. After that and a reboot all appears fine

pfSense is not a mail server! @jpscirocco said in Sitetosite routing problems: but it is maybe possible that just 1 client from network a uses the internet from network b ? If your router at site A is capable of doing this, it would work. Since it is not pfSense, this is the wrong place to ask that.

ok ! i'm going to do this

Suppose this was the wrong forum to ask in.

@derelict I forgot to add an user certificate Because I authenticate users from radius I had to add an certificate for the user Thank you

Glad that looks like a viable option for you. FYI the proper channel for feature requests is to open a feature request at https://redmine.pfsense.org/

@johnpoz I needed to reboot the pfSense box today for another reason, and it seems that Unbound now no longer restarts if an OpenVPN connections is established. So I guess that was only a temporary issue. Thanks for your help!

@arthurg94 De rien ))