• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[SOLVED] OpenVPN Site to Site still Ping / RDP not working

Scheduled Pinned Locked Moved OpenVPN
19 Posts 2 Posters 2.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R
    rafael.seeck
    last edited by Nov 11, 2017, 10:21 PM Nov 9, 2017, 9:12 PM

    Hi,

    i have setup a OpenVPN Site to Site between 2 pfsense (v. 2.4.1).

    I can access many devices from the other site for example:

    https to pfsense works
    https to wlan ap works

    but

    ping to other site still not working
    and rdp connection also.

    My setup:

    Pfsense Server:
    LAN: 192.168.10.0/24
    Tunnel Network: 10.10.15.0/30
    WAN: Dynamic PPPOE VDSL

    Pfsense Client:
    LAN: 192.168.15.0/24
    Tunnel: 10.10.15.0/30
    WAN: Static IP VDSL PPPOE

    Firewall on OpenVPN Tab and S2S Tab is on both site applied (any to any).

    I´m slowly really desperate. I read the official docs and ready several howtos.

    Ping from pfsense is working when i select as source "any" when i change to "lan" then i get no response.

    I have add pictures under attachments.

    Please Help!

    ![2017-11-09 21_58_30-m-pfSense.home.local - Status_ Dashboard.png](/public/imported_attachments/1/2017-11-09 21_58_30-m-pfSense.home.local - Status_ Dashboard.png)
    ![2017-11-09 21_58_30-m-pfSense.home.local - Status_ Dashboard.png_thumb](/public/imported_attachments/1/2017-11-09 21_58_30-m-pfSense.home.local - Status_ Dashboard.png_thumb)
    ![2017-11-09 22_01_47-m-pfSense.home.local - Diagnostics_ Routes.png](/public/imported_attachments/1/2017-11-09 22_01_47-m-pfSense.home.local - Diagnostics_ Routes.png)
    ![2017-11-09 22_01_47-m-pfSense.home.local - Diagnostics_ Routes.png_thumb](/public/imported_attachments/1/2017-11-09 22_01_47-m-pfSense.home.local - Diagnostics_ Routes.png_thumb)
    ![2017-11-09 22_02_53-m-pfSense.home.local - Firewall_ NAT_ Outbound.png](/public/imported_attachments/1/2017-11-09 22_02_53-m-pfSense.home.local - Firewall_ NAT_ Outbound.png)
    ![2017-11-09 22_02_53-m-pfSense.home.local - Firewall_ NAT_ Outbound.png_thumb](/public/imported_attachments/1/2017-11-09 22_02_53-m-pfSense.home.local - Firewall_ NAT_ Outbound.png_thumb)
    ![2017-11-09 22_04_24-m-pfSense.home.local - Firewall_ NAT_ Outbound.png](/public/imported_attachments/1/2017-11-09 22_04_24-m-pfSense.home.local - Firewall_ NAT_ Outbound.png)
    ![2017-11-09 22_04_24-m-pfSense.home.local - Firewall_ NAT_ Outbound.png_thumb](/public/imported_attachments/1/2017-11-09 22_04_24-m-pfSense.home.local - Firewall_ NAT_ Outbound.png_thumb)
    ![2017-11-09 22_05_01-m-pfSense.home.local - System_ Routing_ Gateways.png](/public/imported_attachments/1/2017-11-09 22_05_01-m-pfSense.home.local - System_ Routing_ Gateways.png)
    ![2017-11-09 22_05_01-m-pfSense.home.local - System_ Routing_ Gateways.png_thumb](/public/imported_attachments/1/2017-11-09 22_05_01-m-pfSense.home.local - System_ Routing_ Gateways.png_thumb)
    ![2017-11-09 22_06_18-m-pfSense.home.local - Status_ OpenVPN.png](/public/imported_attachments/1/2017-11-09 22_06_18-m-pfSense.home.local - Status_ OpenVPN.png)
    ![2017-11-09 22_06_18-m-pfSense.home.local - Status_ OpenVPN.png_thumb](/public/imported_attachments/1/2017-11-09 22_06_18-m-pfSense.home.local - Status_ OpenVPN.png_thumb)
    ![2017-11-09 22_07_47-pfSense_client - Status_ OpenVPN.png_thumb](/public/imported_attachments/1/2017-11-09 22_07_47-pfSense_client - Status_ OpenVPN.png_thumb)
    ![2017-11-09 22_09_27-m-pfSense.home.local - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-09 22_09_27-m-pfSense.home.local - VPN_ OpenVPN_ Servers_ Edit.png)
    ![2017-11-09 22_09_27-m-pfSense.home.local - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-09 22_09_27-m-pfSense.home.local - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
    ![2017-11-09 22_29_32-pfSense.praxis.local - Gateway_client_pfsense.png_thumb](/public/imported_attachments/1/2017-11-09 22_29_32-pfSense.praxis.local - Gateway_client_pfsense.png_thumb)
    ![2017-11-09 22_29_32-pfSense.praxis.local - Gateway_client_pfsense.png](/public/imported_attachments/1/2017-11-09 22_29_32-pfSense.praxis.local - Gateway_client_pfsense.png)
    ![2017-11-09 22_07_47-pfSense_client - Status_ OpenVPN.png](/public/imported_attachments/1/2017-11-09 22_07_47-pfSense_client - Status_ OpenVPN.png)
    ![2017-11-09 22_13_21-interface_s2s_server_pfsense_config.png_thumb](/public/imported_attachments/1/2017-11-09 22_13_21-interface_s2s_server_pfsense_config.png_thumb)
    ![2017-11-09 22_13_21-interface_s2s_server_pfsense_config.png](/public/imported_attachments/1/2017-11-09 22_13_21-interface_s2s_server_pfsense_config.png)
    ![2017-11-09 22_13_21-interface_s2s_client_pfsense_config.png](/public/imported_attachments/1/2017-11-09 22_13_21-interface_s2s_client_pfsense_config.png)
    ![2017-11-09 22_13_21-interface_s2s_client_pfsense_config.png_thumb](/public/imported_attachments/1/2017-11-09 22_13_21-interface_s2s_client_pfsense_config.png_thumb)
    ![2017-11-09 22_19_38-pfSense.praxis.local - Firewall_ NAT_ Outbound.png_thumb](/public/imported_attachments/1/2017-11-09 22_19_38-pfSense.praxis.local - Firewall_ NAT_ Outbound.png_thumb)
    ![2017-11-09 22_19_38-pfSense.praxis.local - Firewall_ NAT_ Outbound.png](/public/imported_attachments/1/2017-11-09 22_19_38-pfSense.praxis.local - Firewall_ NAT_ Outbound.png)
    ![2017-11-09 22_23_07-server_pfsense_lan_ping_to_pfsense_client_packet_capture.png](/public/imported_attachments/1/2017-11-09 22_23_07-server_pfsense_lan_ping_to_pfsense_client_packet_capture.png)
    ![2017-11-09 22_23_07-server_pfsense_lan_ping_to_pfsense_client_packet_capture.png_thumb](/public/imported_attachments/1/2017-11-09 22_23_07-server_pfsense_lan_ping_to_pfsense_client_packet_capture.png_thumb)
    ![2017-11-09 22_27_21-m-pfSense.home.local - Gateway_server_pfsense.png](/public/imported_attachments/1/2017-11-09 22_27_21-m-pfSense.home.local - Gateway_server_pfsense.png)
    ![2017-11-09 22_27_21-m-pfSense.home.local - Gateway_server_pfsense.png_thumb](/public/imported_attachments/1/2017-11-09 22_27_21-m-pfSense.home.local - Gateway_server_pfsense.png_thumb)
    ![2017-11-09 22_10_28-pfSense.praxis.local - VPN_ OpenVPN_ Clients_ Edit.png_thumb](/public/imported_attachments/1/2017-11-09 22_10_28-pfSense.praxis.local - VPN_ OpenVPN_ Clients_ Edit.png_thumb)
    ![2017-11-09 22_10_28-pfSense.praxis.local - VPN_ OpenVPN_ Clients_ Edit.png](/public/imported_attachments/1/2017-11-09 22_10_28-pfSense.praxis.local - VPN_ OpenVPN_ Clients_ Edit.png)

    1 Reply Last reply Reply Quote 0
    • V
      viragomann
      last edited by Nov 10, 2017, 12:21 AM

      The outbound NAT rules for the S2S on both sites are useless. You don't need theme, since the traffic is routed to the other site.

      Consider that computer systems block access from other subnets by default. HTTP servers are meant to be accessed from the internet, so they allow access from remote networks.
      So you will have to open up the computers firewalls for access from the remote subnet, or you set outbound NAT rules to translate the source IPs to the interface IPs.

      1 Reply Last reply Reply Quote 0
      • R
        rafael.seeck
        last edited by Nov 10, 2017, 10:39 AM

        Hi,

        @Viragomann
        thx for your reply. I have cleanup my outbound rules but nothing will change. How can i determine how the package goes though the tunnel (used adresses nat or not nat)?

        I have add some new pictures.

        Please help to solve this problem.

        thanks

        ![2017-11-10 11_03_58-pfsense_server - Firewall_ NAT_ Outbound.png](/public/imported_attachments/1/2017-11-10 11_03_58-pfsense_server - Firewall_ NAT_ Outbound.png)
        ![2017-11-10 11_03_58-pfsense_server - Firewall_ NAT_ Outbound.png_thumb](/public/imported_attachments/1/2017-11-10 11_03_58-pfsense_server - Firewall_ NAT_ Outbound.png_thumb)
        ![2017-11-10 11_08_10-pfsense_server - Diagnostics_ Ping.png](/public/imported_attachments/1/2017-11-10 11_08_10-pfsense_server - Diagnostics_ Ping.png)
        ![2017-11-10 11_08_10-pfsense_server - Diagnostics_ Ping.png_thumb](/public/imported_attachments/1/2017-11-10 11_08_10-pfsense_server - Diagnostics_ Ping.png_thumb)
        ![2017-11-10 11_10_59-pfsense_server - Diagnostics_ Traceroute.png](/public/imported_attachments/1/2017-11-10 11_10_59-pfsense_server - Diagnostics_ Traceroute.png)
        ![2017-11-10 11_10_59-pfsense_server - Diagnostics_ Traceroute.png_thumb](/public/imported_attachments/1/2017-11-10 11_10_59-pfsense_server - Diagnostics_ Traceroute.png_thumb)
        ![2017-11-10 11_13_43-pfsense_server - Diagnostics_ Traceroute incl. icmp.png](/public/imported_attachments/1/2017-11-10 11_13_43-pfsense_server - Diagnostics_ Traceroute incl. icmp.png)
        ![2017-11-10 11_13_43-pfsense_server - Diagnostics_ Traceroute incl. icmp.png_thumb](/public/imported_attachments/1/2017-11-10 11_13_43-pfsense_server - Diagnostics_ Traceroute incl. icmp.png_thumb)

        1 Reply Last reply Reply Quote 0
        • V
          viragomann
          last edited by Nov 10, 2017, 11:20 AM

          You can use Packet Capture on pfSense, you find it in the Diagnostics menu.

          Do a capture on the remote LAN interface (where the destination device is connected to) while you try a ping. Filter for ICMP packets. So you can see if the packets are going out the LAN and which source and destination IP they have.

          1 Reply Last reply Reply Quote 0
          • R
            rafael.seeck
            last edited by Nov 10, 2017, 11:53 AM

            Hi,

            @viragomann
            i will start a capture and post the result shortly.

            Update:

            I have check the firewall logs and found something. The pfsense server send a ping i can see in the firewall logs (source -> destination) and on the pfsense client i can see that a ping is incoming from pfsense server but the same test show no entrys when i test it back from pfsense client. A ping send a request but the request get no response from pfsense client (Pfsense client (source) -> Pfsense server (destination)) is empty! How can i determine where is the response?

            thanks

            1 Reply Last reply Reply Quote 0
            • V
              viragomann
              last edited by Nov 10, 2017, 12:22 PM

              The firewall log only shows requests on the interface where the packets come in, no responses.
              These can only be seen in a packet capture or any other network sniffer.

              1 Reply Last reply Reply Quote 0
              • R
                rafael.seeck
                last edited by Nov 10, 2017, 12:50 PM

                Now it works i can´t understand why i have test something and now it will works. More details and the final solution shortly! Thanks!

                1 Reply Last reply Reply Quote 0
                • R
                  rafael.seeck
                  last edited by Nov 10, 2017, 1:20 PM

                  What i do:

                  1. I have add two firewall rules from lan to s2s and to 192.168.15.0/24
                  2. I add on both site routes for the opposite networks
                  3. I add outbound rules from interface lan with source 10.10.15.0/30 to destination networks

                  What the decisive step was i can´t say actually. I will still testing some settings and give feedback later.

                  Thanks and bye

                  1 Reply Last reply Reply Quote 0
                  • V
                    viragomann
                    last edited by Nov 10, 2017, 2:00 PM

                    @rafael.seeck:

                    3. I add outbound rules from interface lan with source 10.10.15.0/30 to destination networks

                    That NAT rule translates source addresses of packets coming over vpn and destined to a LAN device to the pfSense LAN address. So for the LAN device it seems the packets come from inside the subnet. I already mentioned above.
                    If that solve the issue, either the device firewall blocks access from addresses outside its own subnet or the vpn client / server is not the default gateway.

                    1 Reply Last reply Reply Quote 0
                    • R
                      rafael.seeck
                      last edited by Nov 10, 2017, 2:19 PM

                      Hi,

                      is it possible that i use two solutions for one problem?

                      outbound nat and static routes?

                      Is it possible that i get problems later?

                      I add some pictures under the attachments.

                      Thanks

                      Ps:Do you know as it possible to join the official pfsense docs team to add this informations under openvpn site to site?

                      ![2017-11-10 15_14_06-pfsense_server - Firewall_ NAT_ Outbound.png](/public/imported_attachments/1/2017-11-10 15_14_06-pfsense_server - Firewall_ NAT_ Outbound.png)
                      ![2017-11-10 15_14_06-pfsense_server - Firewall_ NAT_ Outbound.png_thumb](/public/imported_attachments/1/2017-11-10 15_14_06-pfsense_server - Firewall_ NAT_ Outbound.png_thumb)
                      ![2017-11-10 15_11_48-pfsense_server - Firewall_ Rules.png](/public/imported_attachments/1/2017-11-10 15_11_48-pfsense_server - Firewall_ Rules.png)
                      ![2017-11-10 15_11_48-pfsense_server - Firewall_ Rules.png_thumb](/public/imported_attachments/1/2017-11-10 15_11_48-pfsense_server - Firewall_ Rules.png_thumb)
                      ![2017-11-10 15_16_47-pfsense_server - System_ Routing_ Gateways.png](/public/imported_attachments/1/2017-11-10 15_16_47-pfsense_server - System_ Routing_ Gateways.png)
                      ![2017-11-10 15_16_47-pfsense_server - System_ Routing_ Gateways.png_thumb](/public/imported_attachments/1/2017-11-10 15_16_47-pfsense_server - System_ Routing_ Gateways.png_thumb)
                      ![2017-11-10 15_17_56-pfsense_server - System_ Routing_ Static Routes.png](/public/imported_attachments/1/2017-11-10 15_17_56-pfsense_server - System_ Routing_ Static Routes.png)
                      ![2017-11-10 15_17_56-pfsense_server - System_ Routing_ Static Routes.png_thumb](/public/imported_attachments/1/2017-11-10 15_17_56-pfsense_server - System_ Routing_ Static Routes.png_thumb)

                      1 Reply Last reply Reply Quote 0
                      • V
                        viragomann
                        last edited by Nov 10, 2017, 2:40 PM

                        @rafael.seeck:

                        outbound nat and static routes?

                        You have set a static route?? You should never set static routes on vpn gateways!
                        https://doc.pfsense.org/index.php/Static_Routes

                        @rafael.seeck:

                        is it possible that i use two solutions for one problem?

                        Not with that outbound NAT rule. Since the source network is only the vpn tunnel subnet, it only affects packets coming from the client address respectively the server, not from the network behind.
                        That's the same useless outbound NAT rule you had set before. The client or server won't access devices in the remote LAN aside from your testing.

                        @rafael.seeck:

                        Is it possible that i get problems later?

                        Possibly with the static route.

                        1 Reply Last reply Reply Quote 0
                        • R
                          rafael.seeck
                          last edited by Nov 10, 2017, 2:46 PM

                          Hi

                          @Viragomann

                          Thank you very much.

                          Bye

                          1 Reply Last reply Reply Quote 0
                          • R
                            rafael.seeck
                            last edited by Nov 10, 2017, 3:02 PM

                            Hi,

                            @Viragomann

                            when i disable the static route then the connection will break.

                            What is wrong?

                            thanks

                            1 Reply Last reply Reply Quote 0
                            • V
                              viragomann
                              last edited by Nov 10, 2017, 3:35 PM

                              The route have to be set by OpenVPN, depending on the entries in "Local Network(s)" and "Remote Network(s)" on both sites. If these entries are set, the routes should work.

                              You can check the routing table in Diagnostic > Routes.

                              Is that a SSL/TLS OpenVPN or a Preshared key?

                              1 Reply Last reply Reply Quote 0
                              • R
                                rafael.seeck
                                last edited by Nov 10, 2017, 4:05 PM Nov 10, 2017, 4:00 PM

                                Hi,

                                i found this howto and following up.

                                Now i have Peer to Peer SSL/TLS before it was a pre shared key setup.
                                The connection is established but now i can´t access any ressources from the other site.

                                What is wrong?

                                Thanks

                                ![2017-11-10 16_57_31pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-10 16_57_31pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png)
                                ![2017-11-10 16_57_31pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 16_57_31pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
                                ![2017-11-10 16_58_10-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-10 16_58_10-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png)
                                ![2017-11-10 16_58_10-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 16_58_10-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
                                ![2017-11-10 16_58_42-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-10 16_58_42-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png)
                                ![2017-11-10 16_58_42-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 16_58_42-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
                                ![2017-11-10 16_59_17-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-10 16_59_17-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png)
                                ![2017-11-10 16_59_17-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 16_59_17-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
                                ![2017-11-10 16_59_43-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png](/public/imported_attachments/1/2017-11-10 16_59_43-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png)
                                ![2017-11-10 16_59_43-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 16_59_43-pfsense_server - VPN_ OpenVPN_ Servers_ Edit.png_thumb)
                                ![2017-11-10 17_03_57-pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png](/public/imported_attachments/1/2017-11-10 17_03_57-pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png)
                                ![2017-11-10 17_03_57-pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 17_03_57-pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png_thumb)
                                ![2017-11-10 17_04_22pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png](/public/imported_attachments/1/2017-11-10 17_04_22pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png)
                                ![2017-11-10 17_04_22pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png_thumb](/public/imported_attachments/1/2017-11-10 17_04_22pfsense_server - VPN_ OpenVPN_ Client Specific Overrides_ Edit.png_thumb)

                                1 Reply Last reply Reply Quote 0
                                • V
                                  viragomann
                                  last edited by Nov 10, 2017, 4:26 PM

                                  Why you set up a client specific override for a site-to-site? Do you plan to connect with multiple clients?
                                  Besides there is nothing to override, since the settings are the same as on server tab.

                                  Aside this it looks well. But what's about the client settings? And the routing table from both sites?

                                  1 Reply Last reply Reply Quote 0
                                  • R
                                    rafael.seeck
                                    last edited by Nov 10, 2017, 8:18 PM

                                    Hi,

                                    @Viragomann

                                    Why you set up a client specific override for a site-to-site? Do you plan to connect with multiple clients?

                                    No actually i plan no multiple clients -> I have remove client specific override.

                                    PFsense Server:
                                    In the routing table is not an entry for 192.168.15.0/24 (PFsense Client) only a tunnel network entry:

                                    Destination Gateway         Flags Use Mtu         Netif     Expire
                                    10.10.15.0/24 10.10.15.2 UGS 0 1500 ovpns4

                                    it does not look right ?!!? or??!!

                                    Complete table you can see in the attachments.

                                    PFSense Client:
                                    Complete in the attachments (Entry for 192.168.10.0/24 exists)

                                    The client configuration is also under the attachments.

                                    Thanks

                                    ![2017-11-10 20_58_01-pfsense_server - Diagnostics_ Routes.png](/public/imported_attachments/1/2017-11-10 20_58_01-pfsense_server - Diagnostics_ Routes.png)
                                    ![2017-11-10 20_58_01-pfsense_server - Diagnostics_ Routes.png_thumb](/public/imported_attachments/1/2017-11-10 20_58_01-pfsense_server - Diagnostics_ Routes.png_thumb)
                                    ![2017-11-10 21_11_00-pfSense_client - Diagnostics_ Routes.png](/public/imported_attachments/1/2017-11-10 21_11_00-pfSense_client - Diagnostics_ Routes.png)
                                    ![2017-11-10 21_11_00-pfSense_client - Diagnostics_ Routes.png_thumb](/public/imported_attachments/1/2017-11-10 21_11_00-pfSense_client - Diagnostics_ Routes.png_thumb)
                                    ![2017-11-10 21_12_28-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_1.png](/public/imported_attachments/1/2017-11-10 21_12_28-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_1.png)
                                    ![2017-11-10 21_12_28-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_1.png_thumb](/public/imported_attachments/1/2017-11-10 21_12_28-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_1.png_thumb)
                                    ![2017-11-10 21_13_14-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_2.png](/public/imported_attachments/1/2017-11-10 21_13_14-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_2.png)
                                    ![2017-11-10 21_13_14-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_2.png_thumb](/public/imported_attachments/1/2017-11-10 21_13_14-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_2.png_thumb)
                                    ![2017-11-10 21_14_44-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_3.png](/public/imported_attachments/1/2017-11-10 21_14_44-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_3.png)
                                    ![2017-11-10 21_14_44-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_3.png_thumb](/public/imported_attachments/1/2017-11-10 21_14_44-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_3.png_thumb)
                                    ![2017-11-10 21_15_15-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_4.png](/public/imported_attachments/1/2017-11-10 21_15_15-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_4.png)
                                    ![2017-11-10 21_15_15-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_4.png_thumb](/public/imported_attachments/1/2017-11-10 21_15_15-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_4.png_thumb)
                                    ![2017-11-10 21_16_50-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_5.png](/public/imported_attachments/1/2017-11-10 21_16_50-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_5.png)
                                    ![2017-11-10 21_16_50-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_5.png_thumb](/public/imported_attachments/1/2017-11-10 21_16_50-pfSense_client - VPN_ OpenVPN_ Clients_ Edit_5.png_thumb)

                                    1 Reply Last reply Reply Quote 0
                                    • R
                                      rafael.seeck
                                      last edited by Nov 10, 2017, 8:38 PM

                                      Hi,

                                      @Viragomann
                                      I have disable and enable vpn server and now i found an entry in the pfsense server routing table.

                                      See attachments

                                      Ping and Access is not possible!

                                      Thanks

                                      ![2017-11-10 21_35_01-pfsense_server - Diagnostics_ Routes_incl_192_168_15_0_24.png](/public/imported_attachments/1/2017-11-10 21_35_01-pfsense_server - Diagnostics_ Routes_incl_192_168_15_0_24.png)
                                      ![2017-11-10 21_35_01-pfsense_server - Diagnostics_ Routes_incl_192_168_15_0_24.png_thumb](/public/imported_attachments/1/2017-11-10 21_35_01-pfsense_server - Diagnostics_ Routes_incl_192_168_15_0_24.png_thumb)

                                      1 Reply Last reply Reply Quote 0
                                      • R
                                        rafael.seeck
                                        last edited by Nov 11, 2017, 10:21 PM

                                        Hi,

                                        my Site to Site is now running and i have setup according recommendation, it means that i have no static routes.

                                        The final solution was to reset the states and take a /30 tunnel network.

                                        Thx and Bye

                                        1 Reply Last reply Reply Quote 0
                                        19 out of 19
                                        • First post
                                          19/19
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                          This community forum collects and processes your personal information.
                                          consent.not_received