Unable to get site-site VPN working
-
Hi
I've got a bit of a baffling problem and would appreciate some assistance.
I've set up a site-to-site VPN between two locations.
Office is 192.168.1.1/24
Home is 192.168.1.0/24
WireGuard is up and running fine and I can ping devices at the office from home using the ping tool in the pfSense GUI.
Likewise, I can ping devices at home from the office using the ping tool.
However I cannot actually ping anything from either LAN. Static routes are present and correct, and traffic is even reaching the remote firewall - for example if I ping an address at home from the office, then look at Diagnostics > States on the home firewall, I can see the packets coming in.
I've followed the pfSense official guide and also Christian McDonald's YouTube video.
Would appreciate suggestions for next troubleshooting steps.
Thanks!
-
@stevelup said in Unable to get site-site VPN working:
Office is 192.168.1.1/24
Home is 192.168.1.0/24
These networks are obviously overlapping.
If they are really like this you should change your home subnet to something else.
-
@viragomann sorry, my apologies - that was a silly typo.
Office is 192.168.1.0/24
Home is 192.168.0.0/24
-
@stevelup I guess it's show your rules time.
-
@stevelup said in Unable to get site-site VPN working:
However I cannot actually ping anything from either LAN.
Maybe the destination devices are blocking the access from the remote site.
Remember that this is the default behavior of common operating systems. You have to allow access from outside in its firewall first.
-
@viragomann No, it's not that - these are known pingable devices, and in any event, I can ping them across the VPN from the pfSense GUI.
-
@Bob-Dig Indeed it is! I'm out this evening, but will do a full set of screenshots tomorrow.