    OpenVPN site to site one-way problem

      johnied

      Hello guys,

      I am losing my head over here. I have successfully set up a Shared Key OpenVPN site-to-site between 2 offices.
      Office A is the VPN server's office.
      Office B is the VPN client office.
      The tunnel is up and running and I can ping normally from both LAN interfaces inside the PFSENSE Diagnostics Ping menu. No problem pinging the other side's network from PFSENSE then.

      I can also ping from Office A client pcs normally to the Office B.

      But I can't ping anything from Office B to the VPN tunnel. The DHCP's gateway is set to be the firewall's IP, the DNS as well (along with other DNS servers like 9.9.9.9). I have DNS forwarder in both firewalls. How is this possible? It seems like when I ping OFFICE A, it does not know how to route the traffic to the VPN tunnel. Should I add anything to NAT?

      By the way, I managed to make it work for two days. Then after a pfSense restart (or the client PC I am working on and testing) in Office B, nothing works again. I suspect it has something to do with the DHCP server, but for the love of God, I can't locate the source of the problem.

      When I ping from my PC, I can see in the Packet Tracer (LAN) that it tries to ICMP the target but gets no response.
      But in the Packet Tracer (VPN Tunnel Interface) nothing happens.

      So it does not push the packets into the VPN tunnel, is this the case?

      Please help…

        johnied

        Guys problem solved,

        For some reason unknown to me yet, PFBlockerNG was blocking access to pinging and HTTPS sites of the remote network. HTTP sites worked normally. Once I disabled PFBlockerNG, everything works as expected. Now I have to find the setting in PFBlockerNG to allow simultaneous operation of Site 2 Site VPN and PFBlockerNG.

        Any recommendation is welcome.
