Netgate Discussion Forum

    OpenVPN and Policy Based Routing

    Routing and Multi WAN
    • eytanes

      Hello,
      I've successfully created a site-to-site OpenVPN connection between two pfSense boxes using PSK and filling in the "remote network" fields.

      What I'm trying to do is get the tunnel working via policy based routing and bypass the routing table.
      Here is what I've done on each side:
      - Assigned an interface to the tunnel;
      - Set up a gateway for the interface with the gateway address being the other end of the tunnel, "gtwyVPN";
      - Created a rule on the LAN interface to use gtwyVPN for traffic destined for the other end.

      However, I must be missing a step because traffic is not getting routed back correctly once I clear the "remote network" fields (thus clearing the routes from the routing table).
      If I ping site B from site A, Wireshark on site B shows me the packets being received but the replies are never received back at site A.

      I have a feeling I should be using floating rules (as discussed at http://forum.pfsense.org/index.php?topic=36230.0). However, I played around with it but never got it working.

      Any help would be greatly appreciated.
      Thanks,
      E

      • grangej

        I am also having this problem. I have taken it one step further (trying to get failover between two WAN pipes across two VPN connections) but same results: I can see the traffic on the other end of the firewall but it doesn't go back. What gives?

        • eytanes

          I'm not quite sure how to set up rules to route return traffic.
          You can probably try out using OSPF. My experience has been that OSPF will change the routing table.
          This might help: http://forum.pfsense.org/index.php/topic,39328.0.html
          Let me know if you end up getting it to work with or without ospf.
          -E

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.