Site to site VPN - routed traffic not being passed



  • I have a central pfSense with site-to-site VPN connections to several other locations. The first tunnel works fine, while the second one, configured in almost the same way, does not…

    Tunnel 1:
    VPN subnet: 192.168.73.0/29
    local endpoint: 192.168.73.1
    remote endpoint: 192.168.73.2
    remote network: 172.16.101.0/24

    With this tunnel, I can successfully route from the local firewall and local network to devices in the 172.16.101.0/24 range.

    Tunnel 2:
    VPN subnet: 192.168.73.8/29
    local endpoint: 192.168.73.9
    remote endpoint: 192.168.73.10
    remote network: 192.168.13.0/24

    With this tunnel I can successfully reach the remote firewall (192.168.73.10), but I cannot reach anything in the 192.168.13.0/24 network.

    Running a tcpdump on the local firewall, I can see packets being sent to 192.168.13.x via the OpenVPN interface, but a tcpdump on the remote firewall's OpenVPN interface shows the traffic not being received. Also, running a tcpdump on the physical Ethernet interface shows that no OpenVPN traffic is being generated when I ping 192.168.13.x, but I can see traffic when pinging the firewall address 192.168.73.10.

    Routes to the 192.168.13.0 network via 192.168.73.10 are added successfully.
    For some reason it seems the traffic is not being picked up and transmitted by the local OpenVPN instance, but I'm completely stuck as to why... The other tunnel is configured identically aside from the addressing in use, and works perfectly.
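
The post above checks the hub's routes by hand; the following is an added example (not code from the thread or from pfSense) that automates the kernel-side part of that check. It parses a FreeBSD-style `netstat -rn -f inet` snapshot and, for each tunnel, confirms that the remote network has an explicit route whose gateway is the tunnel's remote endpoint, that the route leaves through the tunnel interface, that the endpoint itself is reachable through that interface rather than the WAN, and that no remote network overlaps another tunnel's address space. The routing-table text, the interface names `ovpns1`/`ovpns2`, and the WAN addresses in 203.0.113.0/24 are constructed for the example; the tunnel addressing is the thread's.

```python
"""Kernel-route consistency checks for routed OpenVPN site-to-site tunnels."""
import ipaddress


class Tunnel:
    def __init__(self, name, vpn_subnet, local_endpoint, remote_endpoint,
                 remote_network, interface):
        self.name = name
        self.vpn_subnet = ipaddress.ip_network(vpn_subnet)
        self.local_endpoint = ipaddress.ip_address(local_endpoint)
        self.remote_endpoint = ipaddress.ip_address(remote_endpoint)
        self.remote_network = ipaddress.ip_network(remote_network)
        self.interface = interface  # assumed ovpnsN name, not given in the thread


TUNNELS = [
    Tunnel("tunnel1", "192.168.73.0/29", "192.168.73.1", "192.168.73.2",
           "172.16.101.0/24", "ovpns1"),
    Tunnel("tunnel2", "192.168.73.8/29", "192.168.73.9", "192.168.73.10",
           "192.168.13.0/24", "ovpns2"),
]

# Constructed snapshot of a healthy hub (`netstat -rn -f inet` layout on FreeBSD).
GOOD_NETSTAT = """\
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
127.0.0.1          link#3             UH          lo0
172.16.101.0/24    192.168.73.2       UGS      ovpns1
192.168.13.0/24    192.168.73.10      UGS      ovpns2
192.168.73.0/29    link#7             U        ovpns1
192.168.73.1       link#7             UHS         lo0
192.168.73.8/29    link#8             U        ovpns2
192.168.73.9       link#8             UHS         lo0
203.0.113.0/24     link#1             U           em0
"""

# Same table with tunnel 2's remote-network route absent (constructed failure case).
MISSING_NETSTAT = "\n".join(l for l in GOOD_NETSTAT.splitlines()
                            if not l.startswith("192.168.13.0/24"))


def parse_routes(text):
    """Return [(network, gateway, flags, netif)] from netstat -rn output."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        dest, gateway, flags, netif = parts[:4]
        if dest == "default":
            dest = "0.0.0.0/0"
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # column header and other non-route lines
        routes.append((net, gateway, flags, netif))
    return routes


def lookup(routes, addr):
    """Longest-prefix match, i.e. the kernel's forwarding decision for addr."""
    addr = ipaddress.ip_address(addr)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None


def check_tunnel(t, routes):
    """Return a list of findings; an empty list means the kernel side looks right."""
    findings = []
    for label, ep in (("local", t.local_endpoint), ("remote", t.remote_endpoint)):
        if ep not in t.vpn_subnet:
            findings.append(f"{label} endpoint {ep} is outside {t.vpn_subnet}")
    exact = [r for r in routes if r[0] == t.remote_network]
    if not exact:
        findings.append(f"no route for {t.remote_network}")
    else:
        net, gw, _flags, netif = exact[0]
        if gw != str(t.remote_endpoint):
            findings.append(f"{net} routed via {gw}, expected {t.remote_endpoint}")
        if netif != t.interface:
            findings.append(f"{net} leaves via {netif}, expected {t.interface}")
    # The peer must be reachable through the tunnel interface; otherwise packets
    # for it, and for everything routed via it, follow the default route instead.
    r = lookup(routes, t.remote_endpoint)
    if r is None or r[3] != t.interface:
        findings.append(f"{t.remote_endpoint} is not reachable via {t.interface}")
    return findings


def diagnose(tunnels, netstat_text):
    """Map each tunnel name to its findings, including cross-tunnel overlaps."""
    routes = parse_routes(netstat_text)
    report = {t.name: check_tunnel(t, routes) for t in tunnels}
    spaces = ([(t.name, t.remote_network) for t in tunnels]
              + [(t.name, t.vpn_subnet) for t in tunnels])
    for i, (na, a) in enumerate(spaces):
        for nb, b in spaces[i + 1:]:
            if a.overlaps(b):  # longest-prefix match would pick the wrong tunnel
                report[na].append(f"{a} overlaps {b} ({nb})")
    return report


if __name__ == "__main__":
    for name, findings in diagnose(TUNNELS, MISSING_NETSTAT).items():
        print(name, "OK" if not findings else findings)
```

A clean report rules out the addressing and kernel-route mistakes but not the OpenVPN process itself. When the hub runs OpenVPN in server mode, the daemon keeps its own mapping of networks to peers (`iroute`, which pfSense sets from the Remote Networks field of a client specific override), and a packet read from the tun interface whose destination matches no peer entry is dropped inside the daemon, which is exactly the pattern of traffic visible on the ovpn interface but never on the physical one. The thread does not say which mode the hub uses, so that is a thing to verify rather than a diagnosis; a policy-routing rule with a gateway set, as the reply below suggests, would produce the same symptom by steering the packets away from the route the table shows.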



  • Post your firewall rules. You might have a PBR rule that's routing incorrectly.

