Traffic from LAN to LAN over OVPN



  • Dear pfSense forum people,

    I have been lurking around for about a year and have found some pretty good advice for my pfSense setup. Thank you for this, the forum has been a very helpful resource.

    Unfortunately I have come to a point where my ignorance in networking things has led me to think I can't fix the problem by searching online alone, so I'll try asking you for help.

    I have a pfSense box set up in our main office, which is working completely fine. We do have two 1-person branch offices that need access to our on-site network for their IP phones. Currently this is done via IPsec tunnels on proprietary Bintec routers, which will go away in December due to the contract with the respective service provider running out.
    My plan is to replace the Bintec devices with small pfSense boxes in the respective branch offices. I have one of those set up for testing behind our backup internet connection.

    I have established the OVPN tunnel between the pfSenses, so this is my current setup:

    pfSense in main office: 10.0.220.0/23 range
    pfSense in branch office: 10.7.11.0/24 range
    OVPN connection: 10.0.100.0/24 range

    Both pfSenses are able to ping each other on the 10.0.100.x IP.
    On my office machine I am able to access the GUI of the branch office pfSense on the 10.0.100.x IP.

    However, clients connected to the branch office pfSense can't access anything in the 10.0.220.0/23 range, which is what I want to achieve.

    I am clueless as to how to set this up; I have tried doing firewall rules to no success.

    Maybe someone could kindly point me in the right direction?

    Thank you so much!

