Site-to-Site no ping 1.2rc3
-
Ok, here is my configuration:
I've followed the documentation to the t, except for where it's wrong.
It does say, the bold is incorrect, "Set Protocol to “TCP”, “Server address” must be set to the official IP of Office1 (if
that’s not the WAN interface of pfsense, your router has to do portforwarding),
“Server port” is 1193. “Interface IP” should be filled with your local subnet.
The “Remote network” field is the LAN subnet of Office1."
So I have set up two LANs, 192.168.252.1 and 192.168.250.1
252 = server side, 250 = client lan.
I have on the client side: (which is the 192.168.250.1 Lan)
Protocol TCP
Server address :70.xxx.xxx.xxx
Server port :1193
Interface IP 192.168.10.0/24
Remote network 192.168.252.0/24
and on the server side,
Protocol TCP
Dynamic IP is checked
Local port 1193
Address pool: 192.168.10.0/24
Use static IPs not checked
Local network blanked,
Remote network 192.168.250.0/24
Here are the logs I get.
client side, last to first
Nov 26 12:14:53 openvpn[39023]: Initialization Sequence Completed
Nov 26 12:14:53 openvpn[39023]: Peer Connection Initiated with Server Public IP:1193
Nov 26 12:14:52 openvpn[39023]: TCPv4_CLIENT link remote: Server Public IP:1193
Nov 26 12:14:52 openvpn[39023]: TCPv4_CLIENT link local: [undef]
Nov 26 12:14:52 openvpn[39023]: TCP connection established with Server Public IP:1193
Nov 26 12:14:52 openvpn[39023]: Attempting to establish TCP connection with Server Public IP:1193
server side, last to first.
Nov 26 12:14:54 openvpn[43206]: Initialization Sequence Completed
Nov 26 12:14:53 openvpn[43206]: Peer Connection Initiated with Client Public IP:30633
Nov 26 12:14:53 openvpn[43206]: TCPv4_SERVER link remote: Client Public IP:30633
Nov 26 12:14:53 openvpn[43206]: TCPv4_SERVER link local (bound): [undef]:1193
Nov 26 12:14:53 openvpn[43206]: TCP connection established with Client Public IP:30633
Nov 26 12:14:51 openvpn[43206]: Listening for incoming TCP connection on [undef]:1193
Nov 26 12:14:51 openvpn[43206]: Preserving previous TUN/TAP instance: tun1
Nov 26 12:14:51 openvpn[43206]: TCP/UDP: Preserving recently used remote address: Client Public IP:12268
Nov 26 12:14:51 openvpn[43206]: Re-using pre-shared static key
Nov 26 12:14:50 openvpn[43206]: SIGUSR1[soft,connection-reset] received, process restarting
Nov 26 12:14:50 openvpn[43206]: Connection reset, restarting [0]
And no ping, no traceroute, no ability to remote desktop, can't Outlook, etc.
Firewall rules are set up on both sides to allow 1193 in and I'm getting nowhere.
Please help?
-
Anybody? Help? This should be pretty simple, site to site, right? It's not working and I'm going to have to use another solution if I can't get this to work… I'd really like to use pfSense... What's going wrong?
-
Could you post the actual OpenVPN config files?
(They are stored in /var/etc/)
-
I have on the client side: (which is the 192.168.250.1 Lan)
Protocol TCP
Server address :70.xxx.xxx.xxx
Server port :1193
Interface IP 192.168.10.0/24
Remote network 192.168.252.0/24
and on the server side,
Protocol TCP
Dynamic IP is checked
Local port 1193
Address pool: 192.168.10.0/24
Use static IPs not checked
Local network blanked,
Remote network 192.168.250.0/24
I think that this could help: you should set a rule for a push route so the client side knows what is what on the server side? (Email servers, domain controllers?)
push "dhcp-option DNS x.x.x.x";push "dhcp-option WINS x.x.x.x"
That was the old school way; now they have fill-in boxes for your needed servers' IPs.
Also, shouldn't you fill in the local network in the upper box?