Openvpn manual routing
-
Hello,
I have a project for school where the goal is to have a VPN between 2 networks and another interface on both pfsense which are on another network as backup so they they always have a connection between the networks so when one of them is down it still works.
Both are in a gateway group as tier 1.
The routes have to be made manual so I can't fill in the ip addresses in the openvpn server/client tab.The IP of the machine connected to pfsense 1 is 192.168.1.10 and the pfsense is 192.168.1.1/24
The IP of the machine connected to pfsense 2 is 192.168.2.10 and the pfsense is 192.168.2.1/24Machine 1 and 2 can always connect to the router of the other network.
The problem is one minute machine 1 can ping machine 2 and vice versa but not the routers.
The other minute machine 2 can ping the other machine and pfsense but machine 1 can only ping machine 2.
and there are more possibilities where only machine 1 can ping machine 2 etc…I thought adding ICMP rules would fix this problem but it didn't
Does someone know what I should do so they can always ping each other?
Thank you
![machine 1 rules.png](/public/imported_attachments/1/machine 1 rules.png)
![machine 1 rules.png_thumb](/public/imported_attachments/1/machine 1 rules.png_thumb)
![machine 1 outbound 1.png](/public/imported_attachments/1/machine 1 outbound 1.png)
![machine 1 outbound 1.png_thumb](/public/imported_attachments/1/machine 1 outbound 1.png_thumb)
![machine 1 outbound 2.png](/public/imported_attachments/1/machine 1 outbound 2.png)
![machine 1 outbound 2.png_thumb](/public/imported_attachments/1/machine 1 outbound 2.png_thumb)
![machine 2 rules.png](/public/imported_attachments/1/machine 2 rules.png)
![machine 2 rules.png_thumb](/public/imported_attachments/1/machine 2 rules.png_thumb)
![machine 2 outbound.png](/public/imported_attachments/1/machine 2 outbound.png)
![machine 2 outbound.png_thumb](/public/imported_attachments/1/machine 2 outbound.png_thumb) -
you are loadbalancing and something is problably wrong with ONE of the two routes/connections between the network.
test both individually to figure out which one is causing the issues.if you are natting either of them, then stop natting vpn's between private subnets ;)