Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Question about Site to Site

    OpenVPN
    2
    3
    387
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jasch last edited by

      Hi, i have a question about Site to site Connection.(ist running, but i want to know if ist supposed to be like this).

      For testing i set up 2 Pfsense.

      Pfsense 1
      192.168.50.254
      Openvpn server
      Peer to Peer shared key
      IPv4 Tunnel Network
      192.168.174.0/24
      IPv4 Remote network(s)
      192.168.11.0/24

      Pfsense 2
      192.168.11.254
      Openvpn Client
      Peer to Peer shared key
      IPv4 Remote network(s)
      192.168.50.0/24

      Tunnel is up but Routing ist not working.
      Routing tables show that on client side, there is no route to server

      I solved this the old way, by adding openvpn interface + Gateway and Manual route on the client pfsense.

      Question
      on openvpn client setting remote network ist says:

      IPv4 networks that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables. Expressed as a comma-separated list of one or more CIDR ranges. If this is a site-to-site VPN, enter the remote LAN/s here. May be left blank for non site-to-site VPN.

      there i added

      192.168.50.0/24 but it does nothing so i needed Manual route

      is this behavier normal and the text just misleading me or i am thinking completly wrong.

      MfG Alex

      1 Reply Last reply Reply Quote 0
      • J
        johnied last edited by

        By manual route you mean static route?
        And what did you put as a gateway in the static route(if that is the case)?

        1 Reply Last reply Reply Quote 0
        • J
          jasch last edited by

          I assign an addtional interface (ovpnc1 in this case).
          Activated this (no ip nothing just activated)
          Then i set an static route to 192.168.50.0/24 on the gatway of this interface.(this was the way of doing this, as i know since years)
          But my question is, the text in newer Version state like this is not needed any more.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post