Netgate Discussion Forum

    OpenVPN PSK Multiple route

      nahuele

      Hi,

      I've two pfSense located at two different places, both multi-WAN. I've set up a site-to-site VPN using "Shared Keys" and it works very well.

      The problem is that from Office "A" (LAN A) I can access LAN B but I can't access DMZ ("C") on Office "B".

      Lan (A) ----pfSenseA-------Internet--------PfSenseB--------Lan (B)  128.127
                          |                                          |------------Lan DMZ (C) 128.126.
                          |---------- Road Warriors (D)

      I added "route 128.126.0.0 255.255.255.0" in "Custom Properties" of OpenVPN Client (pfSenseA).
      PfSense A's Routing Table shows:

      Destination Gateway Flags Refs Use Mtu Netif Expire
      default 200.3.60.10 UGS 2 6046759 1492 ng0
      ....
      128.126 192.168.4.1 UGS 0 0 1500 tun1
      128.127 192.168.4.1 UGS 1 1788 1500 tun1
      ....

      From "A", when I run a trace to "C":

      Traza a la dirección XXXX [128.126.11.200]
      sobre un máximo de 30 saltos:

      1    10 ms    9 ms    9 ms  200.3.60.10
        2  227 ms  143 ms  144 ms  mia7-telecom-argentina-14-ar.mia.seabone.net
        ….

      pfSense A routes that IP to the default gateway, instead of 192.168.4.1.

      From "A", when I run a trace to "B":

      Traza a la dirección YYYY [128.127.10.222]
      sobre un máximo de 30 saltos:

      1    1 ms    <1 ms    <1 ms  ZZZZZZ [192.168.5.1]
        2  1807 ms  475 ms  310 ms  192.168.4.1
        3  142 ms  373 ms  534 ms  128.127.10.222

      Traza completa.

      It works ok.

      On the other hand, on the same pfSenseA I've set up another OpenVPN for "Road Warriors" with PKI (let's call it "D"). I also added:
      push "route 128.127.10.0 255.255.255.0";push "route 128.126.11.0 255.255.255.0";
      in "Custom Properties" of the OpenVPN Server, and from "D" I have access to "B" and "C".

      Any ideas?

      Thanks !
      Nahuel

        GruensFroeschli

        http://forum.pfsense.org/index.php/topic,7001.0.html

        Since you have a multi-WAN setup:
        On the LAN tab under Firewall,
        do you have a rule at the top for your remote end with * as gateway?
        Otherwise you balance traffic for your other end directly to your multi-WAN gateways.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

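
A small model of why the tun1 route is ignored, added here as an illustration and not part of the thread: on a multi-WAN LAN tab, a firewall rule with an explicit gateway picks the next hop before the routing table is consulted. The rule lists, the /16 prefixes and the name `MULTIWAN_POOL` are assumptions.

```python
import ipaddress

# Constructed model of pfSenseA. Routes are the default route and the two
# tun1 entries from the routing table above, read here as /16 networks
# (assumption).
ROUTES = [
    ("0.0.0.0/0", "200.3.60.10"),
    ("128.126.0.0/16", "192.168.4.1"),
    ("128.127.0.0/16", "192.168.4.1"),
]

# LAN rules, evaluated top-down, first match wins. gateway=None is "*"
# (use the routing table); "MULTIWAN_POOL" is a hypothetical name for the
# multi-WAN gateway group. The 128.127 rule is assumed, since B is reachable.
RULES_BEFORE = [
    {"dst": "128.127.0.0/16", "gateway": None},
    {"dst": "0.0.0.0/0", "gateway": "MULTIWAN_POOL"},
]
# The rule the reply asks about, placed at the top for the DMZ network.
RULES_AFTER = [{"dst": "128.126.0.0/16", "gateway": None}] + RULES_BEFORE


def route_lookup(routes, ip):
    """Longest-prefix match against the routing table."""
    hits = [(ipaddress.ip_network(net), gw) for net, gw in routes
            if ip in ipaddress.ip_network(net)]
    return max(hits, key=lambda h: h[0].prefixlen)[1]


def next_hop(rules, routes, dst):
    """Return where a LAN packet to dst is sent, or None if no rule passes it."""
    ip = ipaddress.ip_address(dst)
    for rule in rules:
        if ip in ipaddress.ip_network(rule["dst"]):
            # A rule with an explicit gateway overrides the routing table.
            if rule["gateway"] is not None:
                return rule["gateway"]
            return route_lookup(routes, ip)
    return None


if __name__ == "__main__":
    for name, rules in (("before", RULES_BEFORE), ("after", RULES_AFTER)):
        for dst in ("128.127.10.222", "128.126.11.200"):
            print(name, dst, "->", next_hop(rules, ROUTES, dst))
```
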
          nahuele

          Thank you very much !

          I've been searching the forum but I've not found the answer.

          Thanks again,
          Nahuel

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.