Client OpenVPN cant see other subnets

  • First off Noob to pfsense

    I am using Netgate pfSense 2.4.2

    We have 2 sites. I have IPSec Site2Site VPN Tunnel setup and working between the 2 sites. I can ping and rdp from both sides of the IPSec tunnel.

    I setup OpenVPN for clients to use for RDP while out of the buildings. The OpenVPN is setup at Site 1.

    Remotely, i connect to Site 1 using OpenVPN. I am able to ping and RDP to PC's at Site 1, but i cannot ping or RDP PC's at Site 2.

    Doing a google i found that i needed to push a route from the OpenVPN server. I added the route, but that didnt work either. I also tried adding a static route that didnt work either.

    Any help would be appreciated

  • Don't set static routes for subnets behind vpn connections!

    For a correct routing you need to set up:

    • On the OpenVPN access server add the site 2 LAN network to the "Local Networks". That pushes the route for this subnet to the client.

    • On the IPSec connection you have to add an additional phase 2 for the OpenVPN tunnel network:
      On site 1 enter the OpenVPN tunnel network into the "Local network" box and the site 2 LAN network into the "remote network".
      On site 2 fill in the fields contrary.

    Prerequisite for this to work is that the vpn endpoints are the default gateway on both sites and that your firewall rules permit the access.

  • Got it working.. Thnx..

Log in to reply