No traffic between OpenVPN site-to-site
-
Hey there
I got an issue with an OpenVPN site-to-site setup in a lab environment. I have a pfSense OpenVPN server and a pfSense OpenVPN client, both running with 2.3.2-p1. The connection on both server and client is up. I use the following configuration:
pfSense OpenVPN server:
LAN: 10.0.0.1/27
WAN: 10.1.0.1/24pfSense OpenVPN client:
LAN: 10.0.0.33/27
WAN: 10.1.0.2/24On both pfSenses I have one client connected each:
Client on pfSense OpenVPN server:
eth0: 10.0.0.4/27
Default gateway: 10.0.0.1Client on pfSense OpenVPN client:
eth0: 10.0.0.36/27
Default gateway: 10.0.0.33Tunnel network is 10.0.1.0/30.
I omit further configuration details since the tunnel stands. If desired I'm happy to provide them.The routes are propagated correctly on both pfSenses as far as I understand:
pfSense OpenVPN server (just an excerpt):
10.0.0.0/27 link#2 U em1
10.0.0.1 link#2 UHS lo0
10.0.0.32/27 10.0.1.2 UGS ovpns1
10.0.1.0/24 10.0.1.1 UGS ovpns1
10.0.1.1 link#7 UHS lo0
10.0.1.2 link#7 UH ovpns1pfSense OpenVPN client (just an excerpt):
10.0.0.0/27 10.0.1.1 UGS ovpnc1
10.0.0.32/27 link#2 U em1
10.0.0.33 link#2 UHS lo0
10.0.1.0/24 10.0.1.2 UGS ovpnc1
10.0.1.1 link#7 UH ovpnc1
10.0.1.2 link#7 UHS lo0The problem is, that I can't reach the clients behind the pfSenses either way. I'm able to reach the virtual tunnel IPs from the server to the client and reverse. Nevertheless when I ping from 10.0.0.4 to 10.0.0.36 I can see traffic leaving the ovpns1 interface on the server but not incoming on the interface ovpnc1 on the client. The same behavior occurs when pinging from 10.0.0.36 to 10.0.0.4.
I'm running out of ideas. I triple checked the configuration and couldn't find any mistakes. Maybe you have ideas to approach this problem.Thanks