Remote networks and routes



  • Hello all, I've got a PKI based site-to-site OpenVPN setup as follows:

    Cloud pfSense (server):

    ovpnc1 interface: 172.16.1.1 (Tunnel Network 172.16.1.0/24)
    Remote Network setting: 10.0.1.0/24 (via client override config)

    Home pfSense (client):

    ovpnc1 interface: 172.16.1.2
    LAN interface: 10.0.1.1
    Remote Network setting: 172.16.1.0/24

    I am able to successfully establish the tunnel and from each pfSense, I can ping the opposite ovpnc1 interface. What I can't do is reach the ovpnc1 interface on the Cloud pfSense from my Home pfSense LAN. My OpenVPN FW rules are permit any any on both sides.

    If I run tcpdump on the ovpnc1 interface on the Cloud pfSense I can see my traffic arriving from my Home LAN, however, it appears that the Cloud pfSense does not know how to route return traffic. The Cloud pfSense has no route entry for 10.0.1.0/24. So my questions are, how does the Remote Network setting get translated into a route on the server and how would I troubleshoot this further?

    Thanks!
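    Added example, not from this thread: a small POSIX shell check for the two halves an OpenVPN server needs to reach a network behind a client (a `route` line in the server config, which creates the kernel route, and an `iroute` line in the client-specific override, which tells OpenVPN which client owns that subnet), plus the resulting kernel route. The config lines, CCD file and routing-table output are constructed samples that mirror the symptom described above; the file paths and the `ovpns1` interface name are assumptions.

```shell
#!/bin/sh
# Added example (not from the forum thread). Checks that a site-to-site
# OpenVPN server has everything needed to route back to a client's LAN:
#   route  <net> <mask>  in the server config  -> kernel routing entry
#   iroute <net> <mask>  in the CCD/override   -> OpenVPN internal routing
#   <net>/<bits>         in the kernel table   -> what `netstat -rn` shows
# All three inputs below are constructed samples written to temp files.
SERVER_CONF=$(mktemp); CCD_FILE=$(mktemp); ROUTES=$(mktemp)

# Constructed: server config with the tunnel net but no 'route' for the LAN
cat > "$SERVER_CONF" <<'EOF'
dev ovpns1
server 172.16.1.0 255.255.255.0
client-config-dir /var/etc/openvpn/server1/ccd
EOF

# Constructed: client-specific override holding only the iroute
cat > "$CCD_FILE" <<'EOF'
iroute 10.0.1.0 255.255.255.0
EOF

# Constructed: kernel routing table in the shape `netstat -rn` prints it
cat > "$ROUTES" <<'EOF'
Destination        Gateway            Flags     Netif
172.16.1.0/24      172.16.1.2         UGS       ovpns1
EOF

# check_remote_net NET MASK CIDR
# Prints one line per check; returns 0 only when all three pieces exist.
check_remote_net() {
  net=$1; mask=$2; cidr=$3; rc=0
  if grep -qxF "route $net $mask" "$SERVER_CONF"; then
    echo "ok:      server config has 'route $net $mask'"
  else
    echo "MISSING: 'route $net $mask' in server config (no kernel route)"; rc=1
  fi
  if grep -qxF "iroute $net $mask" "$CCD_FILE"; then
    echo "ok:      override has 'iroute $net $mask'"
  else
    echo "MISSING: 'iroute $net $mask' in client-specific override"; rc=1
  fi
  if awk -v d="$cidr" '$1 == d { f = 1 } END { exit !f }' "$ROUTES"; then
    echo "ok:      kernel routing table has $cidr"
  else
    echo "MISSING: kernel route for $cidr (return traffic has no path)"; rc=1
  fi
  return $rc
}
```

    With the sample inputs above the check reports the kernel route and the `route` line as missing, which is the same state as a server whose only knowledge of the LAN is an `iroute`.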
