Client OpenVPN can't see other subnets
-
First off, noob to pfSense.
I am using Netgate pfSense 2.4.2.
We have 2 sites. I have an IPSec Site2Site VPN tunnel set up and working between the 2 sites. I can ping and RDP from both sides of the IPSec tunnel.
I set up OpenVPN for clients to use for RDP while out of the buildings. The OpenVPN is set up at Site 1.
Remotely, I connect to Site 1 using OpenVPN. I am able to ping and RDP to PCs at Site 1, but I cannot ping or RDP PCs at Site 2.
Doing a Google, I found that I needed to push a route from the OpenVPN server. I added the route, but that didn't work either. I also tried adding a static route; that didn't work either.
Any help would be appreciated.
-
Don't set static routes for subnets behind VPN connections!
For correct routing you need to set up:
- On the OpenVPN access server, add the site 2 LAN network to the "Local Networks". That pushes the route for this subnet to the client.
- On the IPSec connection you have to add an additional phase 2 for the OpenVPN tunnel network:
  On site 1, enter the OpenVPN tunnel network into the "Local network" box and the site 2 LAN network into the "remote network".
  On site 2, fill in the fields the other way around.
A prerequisite for this to work is that the VPN endpoints are the default gateways on both sites and that your firewall rules permit the access.
-
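Added example, not part of any post in this thread: a small Python model of the three conditions from the answer above (pushed route, phase 2 on site 1, mirrored phase 2 on site 2), showing why pushing the route alone still leaves site 2 unreachable. All subnets, addresses and function names are constructed assumptions; the thread gives none, and this is not pfSense code.

```python
import ipaddress as ip

# Constructed sample addressing (assumption; the thread names no subnets).
SITE1_LAN, SITE2_LAN, OVPN_TUNNEL = "192.168.1.0/24", "192.168.2.0/24", "10.8.0.0/24"

def _in(addr, net):
    return ip.ip_address(addr) in ip.ip_network(net)

def p2_match(src, dst, phase2):
    """True if any phase 2 (local_net, remote_net) pair covers src -> dst."""
    return any(_in(src, local) and _in(dst, remote) for local, remote in phase2)

def check_path(client_ip, target_ip, ovpn_local_networks, site1_p2, site2_p2):
    """List what is missing for an OpenVPN client at site 1 to reach a
    target behind site 2 (hypothetical helper, site 2 targets only)."""
    problems = []
    # 1. The client only sends the target into the VPN if the route is pushed.
    if not any(_in(target_ip, n) for n in ovpn_local_networks):
        problems.append("openvpn: target subnet not in Local Networks (no pushed route)")
    # 2. Site 1 only puts tunnel-network traffic into IPsec if a phase 2 selects it.
    if not p2_match(client_ip, target_ip, site1_p2):
        problems.append("site1: no phase 2 with local=tunnel net, remote=site 2 LAN")
    # 3. Site 2 needs the mirrored phase 2 so replies go back into IPsec.
    if not p2_match(target_ip, client_ip, site2_p2):
        problems.append("site2: no phase 2 with local=site 2 LAN, remote=tunnel net")
    return problems

# LAN-to-LAN IPsec only, no pushed route.
BEFORE = dict(ovpn_local_networks=[SITE1_LAN],
              site1_p2=[(SITE1_LAN, SITE2_LAN)],
              site2_p2=[(SITE2_LAN, SITE1_LAN)])
# Route pushed to the client, IPsec unchanged.
PUSH_ONLY = dict(BEFORE, ovpn_local_networks=[SITE1_LAN, SITE2_LAN])
# Both steps from the answer applied on both sites.
AFTER = dict(ovpn_local_networks=[SITE1_LAN, SITE2_LAN],
             site1_p2=[(SITE1_LAN, SITE2_LAN), (OVPN_TUNNEL, SITE2_LAN)],
             site2_p2=[(SITE2_LAN, SITE1_LAN), (SITE2_LAN, OVPN_TUNNEL)])

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("push only", PUSH_ONLY), ("after", AFTER)):
        print(name, check_path("10.8.0.6", "192.168.2.50", **cfg) or "ok")
```

The model covers only routing and phase 2 selection; firewall rules and the default-gateway prerequisite still have to be checked separately.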
-
Got it working. Thanks.