Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multi WAN Site-to-Site OpenVPN asymmetric routing (OSPF and Routing Policy)

    Scheduled Pinned Locked Moved Routing and Multi WAN
    1 Posts 1 Posters 129 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sclisson
      last edited by

      Hello,

      I have a problem with asymmetric routing on a Multi WAN Site-to-Site OpenVPN.
      You can find a simplified diagram.

      Site A                  / 172.16.0.2/24 <--- OpenVPN TAP (WAN) ---> 172.16.0.1/24 \                 Site B
      192.168.2.1/24 -                                                                                                      - 192.168.0.1/24
                                 \ 172.16.1.2/24 <--- OpenVPN TAP (MPLS) ---> 172.16.1.1/24 /

      I use OSPF for dynamic routing. All is working normaly when interface cost WAN are lower on two sides.
      Traffic pass through OpenVPN TAP (WAN) tunnel.

      When i add on Site A a Firewall rule to force ports (ex : 3389) passing through OpenVPN TAP (MPLS) tunnel, outgoing packet from Site A pass through OpenVPN TAP (MPLS) but reply pass through OpenVPN TAP (WAN).

      I have read than WAN type interface like OpenVPN should have the reply-to flag, but seems not working.

      Please, could you help me ?

      PS : Sorry for my english, i'm french.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.