PfSense 2.x Site to site… simple but not workig.
-
I've two running pfSense, one in office and one at home. Both run OpenVPN server on port 1194 for remote access, but now I want to connect permanently the two networks. On pfSense in my office (LAN1 -> 192.168.10.0/24) I configured a new OpenVPN server as "Peer to Peer { [ SSL/TSL | Shared Key ] tried both }", on my pfSense at home (LAN2 -> 192.168.17.0/24 I configured a OpenVPN Client as "Peer to Peer { [ SSL/TSL | Shared Key ] tried both too, in the same way as server mode}", but I can't see VPN go up. On both sides I've forwarded port 1194-1195 to the pfSense boxes, remote access to OpenVPN Server on port 1194 works for both… and I was sure it should be simple to connect the two lan, but now after an entry day of tries I'm really demoralized. I'll add some screenshot from LAN1 and LAN2 configuration hoping someone can give me some suggestion. Shared key are in the configuration and erased from screenshots... they are generated from OpenVPN Server and pasted in Client.
![LAN1 - OpenVPN Server for Site-to-Site.png](/public/imported_attachments/1/LAN1 - OpenVPN Server for Site-to-Site.png)
![LAN1 - OpenVPN Server for Site-to-Site.png_thumb](/public/imported_attachments/1/LAN1 - OpenVPN Server for Site-to-Site.png_thumb)
![LAN1 - OpenVPN Servers.png](/public/imported_attachments/1/LAN1 - OpenVPN Servers.png)
![LAN1 - OpenVPN Servers.png_thumb](/public/imported_attachments/1/LAN1 - OpenVPN Servers.png_thumb)
![LAN2 - OpenVPN Client.png](/public/imported_attachments/1/LAN2 - OpenVPN Client.png)
![LAN2 - OpenVPN Client.png_thumb](/public/imported_attachments/1/LAN2 - OpenVPN Client.png_thumb)
![LAN2 - OpenVPN Servers.png](/public/imported_attachments/1/LAN2 - OpenVPN Servers.png)
![LAN2 - OpenVPN Servers.png_thumb](/public/imported_attachments/1/LAN2 - OpenVPN Servers.png_thumb) -
Try setting the Local network and tunnel networks that are empty at the moment. Then see whats in the OpenVPN log
-
Problem was faulty router (ZyXEL 660H-T). For this and other oddities… Damned! It mede me crazy... Exchanged with an poor, old, unused d-link and all went fine.