Netgate Discussion Forum

    Routing between Site-to-site VPN setups

    Routing and Multi WAN
      bwhiteford last edited by

      Hello all! Thanks very much for the wonderful community here.

      We have pfSense deployed very successfully with one central site and 10 remote sites connected site-to-site using OpenVPN. This configuration has been rock-solid for us and has been stable for about a year. Initially, the only requirement was for the remote sites to be able to access resources at our central site and vice versa. The requirement has now come up where remote sites will need to be able to access resources at other remote sites or via client VPN. I have not been able to make this work yet.

      For example:
      Central site networks: 192.168.200.0/24, 192.168.210.0/24, etc.
      Remote site 1: Single 10.1.100.0/24 network
      Remote site 2: Single 10.1.101.0/24 network

      Presently, remote sites 1 and 2 can access resources at the central site, and the central site can access resources at the remote sites. But, remote site 1 cannot access resources at remote site 2. We presently have the firewall rules for OpenVPN wide open as we don't have a need to secure things in that manner yet.

      Can someone give me some ideas to look into?

      Thanks very much!
      Brooks

        Derelict LAYER 8 Netgate last edited by

        Did you add (or push if using server mode) the remote site 1 network to remote site 2 as a Remote Network? And vice versa?

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)
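
Added example, not part of the thread: a small audit of which site-to-site networks each OpenVPN endpoint has no tunnel route for, using the addresses from the question. The `SITES` structure, the function names, and the central site's route list are assumptions made for illustration; each `routes` list stands in for that site's Remote Network(s) entries before the fix.

```python
import ipaddress

# Constructed topology based on the addresses in the question.
# "routes" models each site's OpenVPN Remote Network(s) before the fix
# (the central site's list is an assumption).
SITES = {
    "central": {"local": ["192.168.200.0/24", "192.168.210.0/24"],
                "routes": ["10.1.100.0/24", "10.1.101.0/24"]},
    "remote1": {"local": ["10.1.100.0/24"],
                "routes": ["192.168.200.0/24", "192.168.210.0/24"]},
    "remote2": {"local": ["10.1.101.0/24"],
                "routes": ["192.168.200.0/24", "192.168.210.0/24"]},
}

def nets(cidrs):
    """Parse a list of CIDR strings into network objects."""
    return [ipaddress.ip_network(c) for c in cidrs]

def missing_routes(sites):
    """Return {site: [other sites' networks with no covering tunnel route]}."""
    missing = {}
    for name, cfg in sites.items():
        routed = nets(cfg["routes"])
        gaps = []
        for other, other_cfg in sites.items():
            if other == name:
                continue
            for dest in nets(other_cfg["local"]):
                # A route covers dest if dest sits inside it (a supernet counts).
                if not any(dest.subnet_of(r) for r in routed):
                    gaps.append(str(dest))
        if gaps:
            missing[name] = sorted(gaps)
    return missing

def apply_fix(sites):
    """Add each gap as a remote network on the site that lacks it."""
    fixed = {n: {"local": list(c["local"]), "routes": list(c["routes"])}
             for n, c in sites.items()}
    for name, gaps in missing_routes(sites).items():
        fixed[name]["routes"].extend(gaps)
    return fixed

if __name__ == "__main__":
    print("before:", missing_routes(SITES))
    print("after: ", missing_routes(apply_fix(SITES)))
```

Routes only make the path between remote sites exist; what is allowed across it is still decided by the OpenVPN firewall rules, which the original post describes as wide open.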

          bwhiteford last edited by

          Doh! That's exactly what it was, thank you Derelict. Didn't even think about that.

          It's working great now.

          Thanks again!
          Brooks
