Routing between Site-to-site VPN setups



  • Hello all! Thanks very much for the wonderful community here.

    We have pfSense deployed very successfully with one central site and 10 remote sites connected site-to-site using OpenVPN. This configuration has been rock-solid for us and has been stable for about a year. Initially, the only requirement was for the remote sites to be able to access resources at our central site and vice versa. The requirement has now come up where remote sites will need to be able to access resources at other remote sites or via client VPN. I have not been able to make this work yet.

    For example:
    Central site networks: 192.168.200.0/24, 192.168.210.0/24, etc.
    Remote site 1: Single 10.1.100.0/24 network
    Remote site 2: Single 10.1.101.0/24 network

    Presently, remote sites 1 and 2 can access resources at the central site, and the central site can access resources at the remote sites. But remote site 1 cannot access resources at remote site 2. We presently have the firewall rules for OpenVPN wide open as we don't have a need to secure things in that manner yet.

    Can someone give me some ideas to look into?

    Thanks very much!
    Brooks


  • Netgate

    Did you add (or push if using server mode) the remote site 1 network to remote site 2 as a Remote Network? And vice versa?



  • Doh! That's exactly what it was, thank you Derelict. Didn't even think about that.

    It's working great now.

    Thanks again!
    Brooks
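
Added example, not part of the thread: a Python check for the gap identified in the answer above, listing for each spoke the other spokes' networks that its Remote Network entries do not cover and rendering them as OpenVPN `route` directives. The data layout and the names `CENTRAL`, `SITES`, `missing_routes` and `route_lines` are hypothetical; the addresses are constructed from the example networks in the first post.

```python
import ipaddress

# Constructed topology using the example addresses from the thread.
# "local"  = networks behind that site's firewall
# "remote" = networks entered as Remote Network(s) on its tunnel
CENTRAL = ["192.168.200.0/24", "192.168.210.0/24"]
SITES = {
    "remote1": {"local": ["10.1.100.0/24"], "remote": list(CENTRAL)},
    "remote2": {"local": ["10.1.101.0/24"], "remote": list(CENTRAL)},
}


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def _covered(net, routes):
    # A wider route (for example 10.1.0.0/16) also covers a spoke's /24.
    return any(net.version == r.version and net.subnet_of(r) for r in routes)


def missing_routes(sites):
    """Map each site to the other spokes' networks it has no route for."""
    gaps = {}
    for name, cfg in sites.items():
        have = _nets(cfg["remote"])
        need = [n for other, o in sites.items() if other != name
                for n in _nets(o["local"])]
        lacking = sorted(n for n in need if not _covered(n, have))
        if lacking:
            gaps[name] = lacking
    return gaps


def route_lines(gaps):
    """Render the gaps as OpenVPN 'route <network> <netmask>' directives."""
    return {site: [f"route {n.network_address} {n.netmask}" for n in nets]
            for site, nets in gaps.items()}


if __name__ == "__main__":
    for site, lines in route_lines(missing_routes(SITES)).items():
        print(site)
        for line in lines:
            print("  " + line)
```

With the firewall rules on the OpenVPN interface left wide open, as described in the first post, every route this reports as missing becomes full spoke-to-spoke reachability once it is added.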