Bi-Directional Access and 3 way (SOLVED)



  • Hi guys…new user here...1st post

    I searched the forums for the answer and every situation is different.  I have a 3 site setup working kinda.

    Master site (server site) 192.168.1.0 (pfSense 192.168.1.1) OpenVPN Server

    Remote site A 192.168.2.0 (Asus Merlin 192.168.2.1) OpenVPN client

    Remote site B 192.168.3.0 (Asus Merlin 192.168.3.1) OpenVPN client

    VPN net 192.168.100.0

    I can access the server side from any of the remote sites.  But I can't access from server side to remote side.  So it looks like the routing is working on the remote sites but not server site.  How do I make this happen? Looks like I have to add something on the pfSense config somewhere but I can't figure it out.  After I get this working, then I would be looking to get all nets talking to each other, remote sites talking to each other.  Not necessary now but in the future I would like the remote sites to talk to each other.



  • Anyone?



  • You have to set up a client specific override for each client. This only works with SSL Auth.

    At "Common Name" enter the common name you've set in the client's certificate. At "IPv4 Local Network/s" enter the LAN network behind the server and the LAN behind the respective other client, in the "IPv4 Remote Network/s" box enter the LAN network behind the meant client. All networks in CIDR notation and comma separated.



  • @viragomann:

    You have to set up a client specific override for each client. This only works with SSL Auth.

    At "Common Name" enter the common name you've set in the client's certificate. At "IPv4 Local Network/s" enter the LAN network behind the server and the LAN behind the respective other client, in the "IPv4 Remote Network/s" box enter the LAN network behind the meant client. All networks in CIDR notation and comma separated.

    YOU ARE A LIFE SAVER!!  All I did was change to peer to peer SSL/TLS, added net info into remote nets, and the client specific entries.  And it worked!  A to B, B to C, and A to C.  3 Way VPN!  Thanks brother!!
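
The client specific override values viragomann describes, worked out for the three networks in this thread, as an added example that is not part of the original posts: it computes the "IPv4 Local Network/s" and "IPv4 Remote Network/s" values per client and the OpenVPN directives (`push "route"`, `iroute`, `route`) those settings correspond to, and rejects overlapping subnets. The /24 masks and the common names `site-a` and `site-b` are assumptions; the thread gives neither.

```python
import ipaddress

# Topology from the thread. The /24 masks and common names are assumptions.
SERVER_LAN = "192.168.1.0/24"
TUNNEL_NET = "192.168.100.0/24"
CLIENT_LANS = {"site-a": "192.168.2.0/24", "site-b": "192.168.3.0/24"}


def check_no_overlap(networks):
    """Raise ValueError if any two networks overlap; routes would be ambiguous."""
    nets = [ipaddress.ip_network(n) for n in networks]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} overlaps {b}")


def addr_mask(cidr):
    """Convert CIDR to the 'network netmask' form OpenVPN directives use."""
    net = ipaddress.ip_network(cidr)
    return f"{net.network_address} {net.netmask}"


def build_overrides(server_lan, tunnel_net, client_lans):
    """Per common name: both override field values plus equivalent directives."""
    check_no_overlap([server_lan, tunnel_net, *client_lans.values()])
    overrides = {}
    for cn, lan in client_lans.items():
        # Local = server LAN plus every *other* client's LAN (pushed as routes).
        local = [server_lan] + [n for c, n in client_lans.items() if c != cn]
        directives = [f'push "route {addr_mask(n)}"' for n in local]
        directives.append(f"iroute {addr_mask(lan)}")  # Remote = this client's LAN
        overrides[cn] = {"local_networks": ",".join(local),
                         "remote_networks": lan, "directives": directives}
    return overrides


def server_routes(client_lans):
    """Server-side routes that send traffic for each client LAN into the tunnel."""
    return [f"route {addr_mask(n)}" for n in client_lans.values()]


if __name__ == "__main__":
    for cn, o in build_overrides(SERVER_LAN, TUNNEL_NET, CLIENT_LANS).items():
        print(f"{cn}: local={o['local_networks']} remote={o['remote_networks']}")
        for d in o["directives"]:
            print("   ", d)
    print("\n".join(server_routes(CLIENT_LANS)))
```

Without the `iroute` entry for a client, OpenVPN in server mode does not forward packets for that client's LAN to it even when the server has a `route` for the subnet, which matches the one-way access described in the first post.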

