Netgate Discussion Forum

    No traffic between OpenVPN site-to-site

      coff33

      Hey there

      I have an issue with an OpenVPN site-to-site setup in a lab environment. I have a pfSense OpenVPN server and a pfSense OpenVPN client, both running 2.3.2-p1. The connection on both server and client is up. I use the following configuration:

      pfSense OpenVPN server:
      LAN: 10.0.0.1/27
      WAN: 10.1.0.1/24

      pfSense OpenVPN client:
      LAN: 10.0.0.33/27
      WAN: 10.1.0.2/24

      On both pfSenses I have one client connected each:
      Client on pfSense OpenVPN server:
      eth0: 10.0.0.4/27
      Default gateway: 10.0.0.1

      Client on pfSense OpenVPN client:
      eth0: 10.0.0.36/27
      Default gateway: 10.0.0.33

      Tunnel network is 10.0.1.0/30.
      I omit further configuration details since the tunnel stands. If desired, I'm happy to provide them.

      The routes are propagated correctly on both pfSenses as far as I understand:
      pfSense OpenVPN server (just an excerpt):
      10.0.0.0/27        link#2            U          em1
      10.0.0.1           link#2            UHS        lo0
      10.0.0.32/27       10.0.1.2          UGS        ovpns1
      10.0.1.0/24        10.0.1.1          UGS        ovpns1
      10.0.1.1           link#7            UHS        lo0
      10.0.1.2           link#7            UH         ovpns1

      pfSense OpenVPN client (just an excerpt):
      10.0.0.0/27        10.0.1.1          UGS        ovpnc1
      10.0.0.32/27       link#2            U          em1
      10.0.0.33          link#2            UHS        lo0
      10.0.1.0/24        10.0.1.2          UGS        ovpnc1
      10.0.1.1           link#7            UH         ovpnc1
      10.0.1.2           link#7            UHS        lo0

      The problem is that I can't reach the clients behind the pfSenses either way. I'm able to reach the virtual tunnel IPs from the server to the client and in reverse. Nevertheless, when I ping from 10.0.0.4 to 10.0.0.36 I can see traffic leaving the ovpns1 interface on the server but not incoming on the interface ovpnc1 on the client. The same behavior occurs when pinging from 10.0.0.36 to 10.0.0.4.
      I'm running out of ideas. I triple-checked the configuration and couldn't find any mistakes. Maybe you have ideas to approach this problem.

      Thanks

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.