OpenVPN access and ping problems…
-
Hi,
pfSense 2.3.5 box in all 3 locations.
OpenVPN setup as follows:
Site A SERVERS:
OpenVPN Server1 tunnel (tunnel IP 172.16.x.x) to site B, connected and works fine. Site A (192.168.1.x/24 LAN) can ping and access the LAN of site B (192.168.3.x/24 LAN) and vice versa. All is GOOD.
OpenVPN Server2 tunnel (tunnel IP 172.17.x.x) to site C, connected. pfSense box C can ping the Site A pfSense box and LAN machines from the console only! Any PC connected to the Site C LAN cannot ping or see Site A. Site C was set up EXACTLY as Site B! Can't figure it out!
Site A pfSense box or LAN PCs cannot ping the site C pfSense box or LAN!
What the heck is going on???
Summary:
Tunnels connect from site A to B and A to C. All 3 locations have their own static public IP in use.
Site A can ping and see the LAN of Site B perfectly and vice versa.
Site A CAN NOT ping or see site C from the pfSense box or LAN.
Site C can ping Site A and LAN machines from the pfSense box only, not from LAN machines! All rules and such are IDENTICAL at site B and C!
What the heck am I missing here?
Thanks,
MP
-
OK, I finally figured it out. Boy, what a reminder of why software drives me insane, it's just so imperfect.
So after hours of messing with this and checking and rechecking, I got onto a thread where they mentioned the ROUTING TABLE in pfSense. Hmm, I thought. So I went there on my SERVER PF box.
Well, look at that, there is some weird IP of 192.168.0.1 attached to my OVPNSRV2 OpenVPN. So I compared the entries with the server that works and that just is not right… it should be 192.168.2.0/24!
So I DELETE the 2nd server, which was from A to C. Go back to the routing table and this entry now refers to "TUN" instead of the deleted OVPNserv2. What the?
I restart the OpenVPN services, nope, still there.
So I had to reboot the Site A pfSense box. THAT got rid of the rogue routing entry!
I re-created my 2nd server at Site A and voilà! It's all working! I can PING away!
Ok, thanks self!
Have a good day!
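
The check that found the problem in this thread (compare what the routing table holds for each OpenVPN interface with what it should hold) can be scripted. The following is an added example, not part of the original posts: the interface names `ovpns1`/`ovpns2`, the tunnel /24s and the gateway addresses are constructed, while 192.168.3.0/24, 192.168.2.0/24 and the stray 192.168.0.1 are the values quoted above.

```python
import ipaddress

# Constructed FreeBSD-style `netstat -rn -f inet` output (not from the thread).
SAMPLE = """\
Routing tables
Internet:
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
192.168.1.0/24     link#2             U           em1
172.16.0.2         link#8             UH       ovpns1
192.168.3.0/24     172.16.0.2         UGS      ovpns1
172.17.0.2         link#9             UH       ovpns2
192.168.0.1        172.17.0.2         UGHS     ovpns2
"""

# Assumed policy per interface: (tunnel network, remote LAN). Tunnel /24s are placeholders.
EXPECTED = {
    "ovpns1": ("172.16.0.0/24", "192.168.3.0/24"),
    "ovpns2": ("172.17.0.0/24", "192.168.2.0/24"),
}
VPN_PREFIXES = ("ovpns", "ovpnc", "tun")

def parse_routes(text):
    """Return (destination network, gateway, interface) for each IPv4 route line."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        try:  # bare host routes parse as /32; headers and "default" are skipped
            dest = ipaddress.ip_network(fields[0], strict=False)
        except ValueError:
            continue
        routes.append((dest, fields[1], fields[3]))
    return routes

def audit_vpn_routes(text, expected):
    """Return (unexpected, missing) routes on VPN interfaces versus the policy."""
    routes = [r for r in parse_routes(text) if r[2].startswith(VPN_PREFIXES)]
    unexpected = []
    for dest, gateway, netif in routes:
        allowed = [ipaddress.ip_network(n) for n in expected.get(netif, ())]
        if not any(dest.subnet_of(a) for a in allowed):
            unexpected.append((str(dest), gateway, netif))
    present = {(str(dest), netif) for dest, _, netif in routes}
    missing = [(lan, netif) for netif, (_, lan) in expected.items()
               if (lan, netif) not in present]
    return unexpected, missing

print(audit_vpn_routes(SAMPLE, EXPECTED))
```

A route left behind on a leftover `tun` device, as described after the server was deleted, is also reported as unexpected because that interface has no entry in the policy.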