Site to Site Can ping from one side but not the other
-
2.0 RC3
Site to site
Site A: 172.21.12.0
Site B: 172.21.13.0

Site B can access servers, printers, PCs, etc. at Site A. However, when at Site A or when remote desktopping into a computer at Site A, they cannot ping or access anything at Site B, including the pfSense router. Both firewalls are their own gateways. At Site A, in the OpenVPN additional box, I have route 172.21.13.0 255.255.255.0 and at Site B I have route 172.21.12.0 255.255.255.0
I am out of ideas, what can this be?
-
Make sure the routes for all subnets are set on both ends. Also check whether your firewall rules allow traffic to and from.
-
As far as I can tell they are. We have client-to-pfSense OpenVPNs that work fine. So I am betting I have a rule wrong as well. How should my source and destination look?
-
I've had similar issues like this in the past. Some things to look at:
- As heper said, check your routing table. Make sure there is a route in site A's table that routes traffic to siteB_subnet via the OpenVPN interface (do the same check for site B).
- Make sure you have the allow rules on the OpenVPN tab.
- Check your LAN rules on A, see which rule gets hit when you're sending traffic from A to B, and double-check that it's using the "default" gateway. If there is no such rule, add one that has source->lan_subnet dest->siteb_subnet gateway->default.
- Run Wireshark on the receiving end (the machine on site B that you're pinging) and see if the ping requests are coming in (it could be that the responses aren't going from B to A properly).
-E
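
The routing-table check from the list above, as an added example that is not part of the original posts: a shell function that reads `netstat -rn` output and reports whether the remote subnet leaves via an OpenVPN interface. The function name `route_via_ovpn`, the `ovpns1`/`ovpnc1` interface naming, and the sample table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread.
# route_via_ovpn SUBNET: reads `netstat -rn` text on stdin.
#   prints the interface and returns 0 if SUBNET is routed via ovpnsN/ovpncN
#   returns 1 if there is no route for SUBNET at all
#   returns 2 if the route exists but points at a non-OpenVPN interface
route_via_ovpn() {
    awk -v net="$1" '
        $1 == net {
            found = 1
            # The Netif column position differs between releases, so scan all fields.
            for (i = 2; i <= NF; i++)
                if ($i ~ /^ovpn[cs][0-9]+$/) { print $i; ok = 1 }
        }
        END { if (ok) exit 0; if (found) exit 2; exit 1 }
    '
}

# Constructed sample of Site A's routing table (addresses other than the
# two site subnets are placeholders).
SITE_A_ROUTES='Destination        Gateway            Flags    Refs      Use  Netif Expire
default            203.0.113.1        UGS         0     1200    em0
172.21.12.0/24     link#2             U           0      800    em1
172.21.13.0/24     10.0.8.2           UGS         0        0 ovpns1
10.0.8.2           link#7             UH          0        0 ovpns1'

# Constructed failure case: the Site B subnet follows a WAN-facing route.
SITE_A_BROKEN='default            203.0.113.1        UGS         0     1200    em0
172.21.13.0/24     203.0.113.1        UGS         0        0    em0'

# Stand-alone demo on the constructed table.
printf '%s\n' "$SITE_A_ROUTES" | route_via_ovpn 172.21.13.0/24

# On a live firewall (run on Site A, then on Site B with 172.21.12.0/24):
#   netstat -rn -f inet | route_via_ovpn 172.21.13.0/24; echo "status=$?"
```

A status of 1 or 2 on either side points at the route statements; a status of 0 on both sides moves the search to the firewall rules and the packet capture.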