Netgate Discussion Forum

    Site-to-Site Network Not connecting

    OpenVPN
    • ExpJ

      Hello, everyone. I have basically been searching for a solution to this problem and couldn't find anything definitive.

      What I want to do:

      Connect 2 offices via site-to-site openvpn. The users from office 2 should be able to connect to the fileserver and see clients on office 1 (SERVER). I used the pfsense book and followed most of what I from the book.

      Current Situation:

      Office A: 10.1.1.0/24 (SERVER)
      VPN Range: 172.31.55.0/30
      Connection Type: PPPoe
      3 VIPs (Proxy Arp) (Firewall is set to use one, VPN another)

      Advanced Outgoing NAT:
      WAN  172.31.55.0/30 * * * * *
      WAN  10.1.1.0/24    * * * * 61.X.X.X (Public IP of firewall)

      openvpn[401]: UDPv4 link remote: [undef]
      Jul 12 00:17:23	openvpn[401]: UDPv4 link local (bound): [undef]:21194
      Jul 12 00:17:22	openvpn[401]: /etc/rc.filter_configure tun0 1500 1561 172.31.55.1 172.31.55.2 init
      Jul 12 00:17:22	openvpn[401]: /sbin/ifconfig tun0 172.31.55.1 172.31.55.2 mtu 1500 netmask 255.255.255.255 up
      Jul 12 00:17:22	openvpn[401]: TUN/TAP device /dev/tun0 opened
      Jul 12 00:17:22	openvpn[401]: OFFICE2 202.X.X.X
      Jul 12 00:17:22	openvpn[401]: LZO compression initialized
      Jul 12 00:17:22	openvpn[401]: WARNING: file '/var/etc/openvpn_server0.secret' is group or others accessible
      Jul 12 00:17:20	openvpn[401]: OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Dec 4 2009
      Jul 12 00:17:20	openvpn[401]: SIGHUP[hard,] received, process restarting
      Jul 12 00:17:20	openvpn[401]: /etc/rc.filter_configure tun0 1500 1561 172.31.55.1 172.31.55.2 init
      Jul 12 00:17:20	openvpn[401]: event_wait : Interrupted system call (code=4)
      Jul 12 00:16:57	openvpn[401]: UDPv4 link remote: [undef]
      Jul 12 00:16:57	openvpn[401]: UDPv4 link local (bound): [undef]:21194
      Jul 12 00:16:56	openvpn[392]: /etc/rc.filter_configure tun0 1500 1561 172.31.55.1 172.31.55.2 init
      Jul 12 00:16:56	openvpn[392]: /sbin/ifconfig tun0 172.31.55.1 172.31.55.2 mtu 1500 netmask 255.255.255.255 up
      Jul 12 00:16:56	openvpn[392]: TUN/TAP device /dev/tun0 opened
      Jul 12 00:16:56	openvpn[392]: OFFICE2 202.X.X.X
      Jul 12 00:16:56	openvpn[392]: LZO compression initialized
      Jul 12 00:16:56	openvpn[392]: WARNING: file '/var/etc/openvpn_server0.secret' is group or others accessible
      Jul 12 00:16:56	openvpn[392]: OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Dec 4 2009
      

      ------------------------------------
      Office B: 10.1.2.0/24 (CLIENT)
      Connection Type: PPPoe
      VPN Range: 172.31.55.0/30
      1 VIP (Proxy Arp)

      Jul 12 00:20:04	openvpn[383]: SIGUSR1[soft,ping-restart] received, process restarting
      Jul 12 00:20:04	openvpn[383]: Inactivity timeout (--ping-restart), restarting
      Jul 12 00:18:04	openvpn[383]: UDPv4 link remote: 61.X.X.X:21194 (OFFICE1 SERVER)
      Jul 12 00:18:04	openvpn[383]: UDPv4 link local (bound): [undef]:1194
      Jul 12 00:18:04	openvpn[383]: Preserving previous TUN/TAP instance: tun0
      Jul 12 00:18:04	openvpn[383]: LZO compression initialized
      Jul 12 00:18:04	openvpn[383]: Re-using pre-shared static key
      Jul 12 00:18:02	openvpn[383]: SIGUSR1[soft,ping-restart] received, process restarting
      Jul 12 00:18:02	openvpn[383]: Inactivity timeout (--ping-restart), restarting
      

      I'm not sure if I'm missing something, or if there is a part of my setup that is wrong. All of the firewall rules have been set up and double-checked. Any attempts to ping across the VPN fail. I would be grateful for any help that could be provided to point me in the right direction. Thanks in advance for your time and please let me know if I neglected to post some pertinent info.

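Added example, not part of the original posts or of pfSense: a small triage pass over the two log excerpts above. It surfaces the signals they contain: the world/group-readable static key warning, the client's repeated ping-restart cycle, and the absence of OpenVPN's "Peer Connection Initiated" message. The function name `triage` and the result keys are made up for illustration; the sample lines are copied from the post.

```python
import re

# Constructed sample input: a few lines copied from the log excerpts in the post above.
SERVER_LOG = """\
Jul 12 00:16:56 openvpn[392]: WARNING: file '/var/etc/openvpn_server0.secret' is group or others accessible
Jul 12 00:16:56 openvpn[392]: TUN/TAP device /dev/tun0 opened
Jul 12 00:16:57 openvpn[401]: UDPv4 link local (bound): [undef]:21194
Jul 12 00:16:57 openvpn[401]: UDPv4 link remote: [undef]
"""
CLIENT_LOG = """\
Jul 12 00:18:02 openvpn[383]: Inactivity timeout (--ping-restart), restarting
Jul 12 00:18:04 openvpn[383]: Re-using pre-shared static key
Jul 12 00:18:04 openvpn[383]: UDPv4 link remote: 61.X.X.X:21194
Jul 12 00:20:04 openvpn[383]: Inactivity timeout (--ping-restart), restarting
"""

LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+openvpn\[\d+\]:\s+(.*)$")
KEY_PERM = re.compile(r"WARNING: file '([^']+)' is group or others accessible")
REMOTE = re.compile(r"link remote: (\S+)")


def triage(log_text):
    """Summarise tunnel-health and key-hygiene signals in an OpenVPN syslog excerpt."""
    result = {"exposed_key_files": set(), "ping_restarts": 0,
              "remote": None, "peer_connected": False}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines without the timestamp/process prefix
        msg = m.group(1)
        perm = KEY_PERM.search(msg)
        if perm:
            # A static key readable beyond its owner lets any such local
            # account decrypt or forge tunnel traffic; it should be mode 0600.
            result["exposed_key_files"].add(perm.group(1))
        elif "Inactivity timeout (--ping-restart)" in msg:
            result["ping_restarts"] += 1  # no packets arrived from the peer
        elif "Peer Connection Initiated" in msg:
            result["peer_connected"] = True
        else:
            remote = REMOTE.search(msg)
            if remote:
                result["remote"] = remote.group(1)
    return result


if __name__ == "__main__":
    for name, log in (("server", SERVER_LOG), ("client", CLIENT_LOG)):
        print(name, triage(log))
```

On these excerpts the server side reports the exposed key file and a remote of `[undef]` with no peer connection, while the client side shows two ping-restart timeouts against the configured remote.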
      • dolbie2

        ExpJ,

        I also have the exact same issue. Site-to-Site followed exactly what the book said. In the book for the client configuration, the "Interface IP" is not specified but it is required in pf1.2.3. How did you get past that?

        Did you figure out how to get your site-to-site to work? Any help will be greatly appreciated.

        Thank you!

        • jimp Rebel Alliance Developer Netgate

          @dolbie2:

          Site-to-Site followed exactly what the book said. In the book for the client configuration, the "Interface IP" is not specified but it is required in pf1.2.3. How did you get past that?

          There was an issue in the book, you might need to read errata #2 here:
          http://www.reedmedia.net/books/pfsense/errata.html
