Site-to-Site Shared Key problem
-
Hi,
I have a Site-to-Site issue with the shared key settings. I've read here and there on the forum, and thought I was doing everything correctly,
however that isn't the case.
OpenVPN address pool
192.168.89.0/24
192.168.100.0/24----192.168.100.254<----Internet----->192.168.95.254----192.168.95.0/24
Server-LAN          pfSense                           pfSense           Client-LAN
At first view the connection is established correctly.
Both the client & the server can ping 192.168.89.1 & 192.168.89.2
However the client network can't ping / reach anything on the server network and vice versa.
On the server setup I've tried both the custom option and the remote network.
I do have the impression that the routing tables both on client & server are filled in correctly.
Both on client & server the network from the other side is present in the routing tables as in pictures included.
That remote network always references 192.168.89.1 / 192.168.89.2, and that itself references the remote site, which goes to a tun0/1.
I guess I'm forgetting something or doing something wrong?
Any help would be appreciated.
Stef
Client log:
Jan 8 20:42:55 openvpn[539]: Initialization Sequence Completed
Jan 8 20:42:54 openvpn[539]: Peer Connection Initiated with x.x.x.x:1195
Jan 8 20:42:54 openvpn[539]: TCPv4_CLIENT link remote: x.x.x.x:1195
Jan 8 20:42:54 openvpn[539]: TCPv4_CLIENT link local: [undef]
Jan 8 20:42:54 openvpn[539]: TCP/UDP: Dynamic remote address changed during TCP connection establishment
Jan 8 20:42:54 openvpn[539]: TCP connection established with x.x.x.x:1195
Jan 8 20:42:49 openvpn[539]: TCP: connect to x.x.x.x:1195 failed, will try again in 5 seconds: Connection refused (errno=61)
Jan 8 20:42:49 openvpn[539]: Attempting to establish TCP connection with x.x.x.x:1195
Jan 8 20:42:49 openvpn[539]: Preserving previous TUN/TAP instance: tun0
Jan 8 20:42:49 openvpn[539]: LZO compression initialized
Jan 8 20:42:49 openvpn[539]: Re-using pre-shared static key
Jan 8 20:42:49 openvpn[539]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Jan 8 20:42:44 openvpn[539]: SIGUSR1[soft,connection-reset] received, process restarting
Jan 8 20:42:44 openvpn[539]: Connection reset, restarting [0]
Server log:
Jan 8 20:42:55 openvpn[62789]: Initialization Sequence Completed
Jan 8 20:42:54 openvpn[62789]: Peer Connection Initiated with x.x.x.x:31270
Jan 8 20:42:54 openvpn[62789]: TCPv4_SERVER link remote: x.x.x.x:31270
Jan 8 20:42:54 openvpn[62789]: TCPv4_SERVER link local (bound): [undef]:1195
Jan 8 20:42:54 openvpn[62789]: TCP connection established with x.x.x.x:31270
Jan 8 20:42:52 openvpn[62789]: Listening for incoming TCP connection on [undef]:1195
Jan 8 20:42:47 openvpn[59865]: SIGTERM[hard,] received, process exiting
Jan 8 20:42:46 openvpn[62687]: /etc/rc.filter_configure tun1 1500 1563 192.168.89.1 192.168.89.2 init
Jan 8 20:42:46 openvpn[62687]: /sbin/ifconfig tun1 192.168.89.1 192.168.89.2 mtu 1500 netmask 255.255.255.255 up
Jan 8 20:42:46 openvpn[62687]: TUN/TAP device /dev/tun1 opened
Jan 8 20:42:46 openvpn[62687]: gw x.x.x.x
Jan 8 20:42:46 openvpn[62687]: LZO compression initialized
Jan 8 20:42:46 openvpn[62687]: WARNING: file '/var/etc/openvpn_server1.secret' is group or others accessible
Jan 8 20:42:46 openvpn[62687]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008
Jan 8 20:42:44 openvpn[59865]: /etc/rc.filter_configure tun1 1500 1563 192.168.89.1 192.168.89.2 init
-
Hi,
You just forgot to fill in the remote network on the server side and remove the Custom options.
gr. LR
-
I've tried as well by filling in the remote network and not using the custom options or the other way around by the custom options and not the remote network.
The routing table seems the same, but the traffic still doesn't flow :-(