Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No route to vpn on one machine.

    IPsec
    3
    4
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joegeorge
      last edited by

      Running pfsense 2.1-BETA0 with 3 vpn tunnels established and working correctly, two point to point tunnels and mobile clients. Traffic passes with no issues in both directions for all computers…. except one.

      It's a Synology Diskstation 1511+, there no firewall rules preventing it from accessing the the vpn subnets.

      Any thoughts on how to test this more / fix this problem would be greatly appreciated. I've posted previously on the Synology forums with no luck (http://forum.synology.com/enu/viewtopic.php?f=145&t=60094&p=233911#p233911)

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The usual culprits there are:

        1. Missing gateway on the Synology
        2. Incorrect subnet mask on the Synology
        3. Something on the Synology is making it drop the traffic.

        You can work around 1 and 2 with some NAT, but NAT will break SMB so it's not so useful with a NAS…

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • R
          richardstubbs
          last edited by

          Looking at the upgrade image for Synology Diskstation its based on Linux 3.2.11 Kernel see for more information on my post about Linux 3.x biased devices http://forum.pfsense.org/index.php/topic,43430.0.html

          If you can get console access on it or in "advanced" options section you may see options for system tuneables or kernel tweaks you want to enable "IP forwarding" on the device.

          Regards

          Richard

          @richardstubbs
          http://www.richard-stubbs.com

          @richardstubbs
          http://www.richard-stubbs.com

          1 Reply Last reply Reply Quote 0
          • J
            joegeorge
            last edited by

            This worked wonderfully! Thank you, this has been driving me mad for so long.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.