Can't reach some clinets on remote site

derickmq

I have 3 sites

site C 192.168.10.0 tunnel 10.0.30.0/24 to site_____ A 200.3.38.0 that's connected to _____site B tunnel 10.0.8.0/24 192.168.0.0

issue is between site C and A all sites are connected with openvpn shared key and all sites can find and connect to eachother

I can ping from c to a without an issue and print the problem is going the other way from A to C I can ping out 2 domain servers that replicate fine with the ones on site A I can ping one printer but I cant access it's config page and I cant ping the other printer.

I have the exact same firewall rules as the connection between site B which has no problem with 2 way communication between them

It worked for about 3 months then about a month ago I started having issues ..factory reset site C router with same results.

any help would be great.

Thanks
Derick

mcdiesel

You don't provide sufficient information for anyone to solve your problem, so you must do it yourself.

Check your routing tables

Diagnostic > Routes

This will tell you if the routes you expect are in place.

Try installing package mtr which gives a real time display across each of the hops. Or use mtr on workstations.

derickmq

sorry new to this, what information do you need.?

here is the routing table attached.

i've even restored both routers to back when they were working and still the same issue . I can ping/access some clients but not others

![route table.JPG](/public/imported_attachments/1/route table.JPG)
![route table.JPG_thumb](/public/imported_attachments/1/route table.JPG_thumb)

johnpoz

" I can ping/access some clients but not others "

Well if you can ping some but not others this points to either the ones you can not ping running software firewall that do not allow ping from the IP your pinging them from or not at all. Or the devices your trying to ping not using pfsense as their gateway to know how to get back to where the other side of your vpn is.

" I cant ping the other printer."

If your issue is printers not answering - many a printer I have seen setup where they do not even have a gateway setup, etc. Had a customer one time that had no gateways on any of their printers the reason they worked is because they were using proxy arp on their core switch. When the a new core switch was put in where proxy arp was off by default no printers worked. The quick solution was to enable proxy arp. The long term fix was to setup gateways on all the printers and then disable proxy arp.

derickmq

I checked both printers both have the local pfsense box as the gateway, DNS is also directed to the local domain servers.

on the local subnet I can ping them and access the config page, on the other site I can ping them ( most of the time) but I can't access the config page on the printer.

whats even stranger is the Domain servers are replicating fine I can even get into remote desktop.

I've tried a separate internet connection at the site also same issues.

derickmq

It's fixed.. format the hard drive and reinstall from cd. set it up and it worked right away.

Don't know why the factory reset didn't do the trick.

Thanks for those who responded