Traffic from openVPN to IPsec tunnel



  • Hello Everyone,

    I'm having trouble getting access to the network joined via IPsec from our user OpenVPN access.

    Here is the configuration:

    10.20.0.0/22  - is our primary internal network
    10.40.0.0/22  - is the remote network

    We have a working IPsec tunnel that connects these two networks and works without issue. Hosts on both sides can connect to each other fine.

    Our OpenVPN user network is 10.10.10.0/24

    It is attached to the 10.20.0.0/22 network. We have no issues accessing hosts on the 10.20.0.0 network from the VPN. However, we cannot access hosts on the 10.40.0.0 network from the VPN.

    I have tried adding the 10.40.0.0/22 network as an endpoint for the OpenVPN as well as adding a second phase 2 to the existing tunnel, but neither has had any effect on traffic from the VPN.

    I feel this is some type of policy issue (IPsec) versus a routing issue, as adding routes etc. also has no effect on the traffic.

    This issue has been going on since we installed our pfSense last month and is the last residual that we have to solve. We cannot add another IPsec tunnel because we do not have additional gateway addresses to use at the endpoints.

    I'm looking for suggestions or possible corrections that I can try before I attempt to replace the IPsec with an OpenVPN type connection.

