Site-to-site VPN not reachable via LAN
-
Hi!
I setup a site-to-site openvpn connection between two pfsense routers.
The client was set with these parameters;
IPv4 tunnel network; 10.0.8.0/24
Remote network: 192.168.39.0/24Server:
IPv4 tunnel network; 10.0.8.0/24
Remote network: 192.168.37.0/24
Local network: 192.168.39.0/24The pfsense in the default gateway on both networks.
In the diagnostics tab -> ping -> openvpn on the client I can ping 192.168.39.2
Using the lan interface (also in diagnostics) I dont get a reply. Also the computers in this lan network can not ping 192.168.39.2. A tracert shows that the traffic to 192.168.39.0/24 is routed via the router (192.168.37.2) , so that looks good.On the server I can not ping 192.168.37.2
On both sides I can ping the OpenVPN IP`s on the OpenVPN interface only (10.8.0.1 and 10.8.0.2)
What am I missing?
-
The client was set with these parameters;
IPv4 tunnel network; 10.0.8.0/24
Remote network: 192.168.39.0/24Server:
IPv4 tunnel network; 10.0.8.0/24
Remote network: 192.168.39.0/24
Local network: 192.168.37.0/24The Remote network on client should be set to the servers site local network.
A typo? -
I just corrected my typo, thnx :)
-
Which device is 192.168.39.2? pfSense or a host in the LAN?
If it is a computer in the LAN ensure that the system firewall (Windows or whatever) doesn't block access from other subnets. By default Windows firewall blocks such access while it allows access from its own subnet.
-
192.168.39.2 is the pfsense
-
I got it sorted. I setup the wrong vpn type (SSL instead of shared key). Now it works fine