Site-to-Site OpenVPN loses connectivity
-
I have a problem that is driving me crazy:
There are two networks: my home network and my work network. Both have pfSense router/gateways, with an OpenVPN site-to-site, routed configuration. The configuration has been working fine for years.
For the last few months, the two sites lose connectivity in a strange way:
-
Clients on my home network cannot ping anything on the work network
-
The home pfSense gateway can ping the work pfSense Gateway
-
the work pfSense Gateway cannot ping the home pfSense gateway
-
Clients on the work network cannot ping anything on the home network
If I restart OpenVPN either on the home or work gateway, then everything starts working again… until the next time I lose connectivity. I hesitate to think this is a configuration problem, because it has been working for years. (although it may have started after an upgrade to pfSense... I'm not sure.)
The weird thing is that the home pfSense Gateway can always ping the work pfSense gateway, but not the other way around.
Again, once I restart either openvpn, it starts working normally again. I'm not sure how long it works, but every day when I come home, I have no connectivity to work, and I have to restart openvpn, so it's definitely less than 24 hours.
Any ideas what could be causing the loss of connectivity?
-
-
I'm bumping this topic because I still haven't found a solution. I have done some more troubleshooting and discovered that the problem lies with the home pfsense gateway not forwarding ip traffic from the tunnel (ovpn interface) to the LAN interface.
Basically, everything goes just fine for a while, and then suddenly, the pfSense router ceases to forward the traffic to the LAN. This means that the router itself has full access to the work network. It also means that all work network machines have full access to the pfSense home router on the tunnel IP address. But there is zero connectivity between the home LAN and the work LAN.
Any ideas?