Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN site-site tunnel with pfsense and ASUS RT-AC66U-asuswrt-merlin as client

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      taz
      last edited by

      Don't know where to start. Have been messing with this for over a week…

      I'll start with what is working...

      It all started when i had an IP Phone (H.323) i wanted to use at my office1 (pfsense). The phone is connected via a IPSEC tunnel to office2 (pfsense) where the "PBX" is located. The phone registers fine and i can use it without a problem.

      I then wanted to use the phone at home1 also... I have a pfsense at home to.  I created a OpenVPN tunnel to office1 (to use other stuff at office1 also, not only the phone). I then entered the ip of the home network in the ipsec tunnel also... I got the phone to work at home without a problem really..

      When i use the phone at home it goes this way to the PBX:  phone -> Home1 ->OpenVPN tunnel -> Office1 -> IPsec tunnel -> Office2 -> PBX.

      Now the problem starts. My collegue wanted to do the same thing (Home2), use his phone from Office1 at home also.. He bought a ASUS RT-AC66U and wanted me to set it up so he could use his phone at home. It turned out the firmware in ASUS router did not really work with site-site tunnels.. I tried a OpenVPN RemoteAccess (SSL/TLS) connection instead but ended up with bearer channel issues on his phone.. The phone registered ok but i could not make calls with it.. I installed AsusWRT-Merlin on the router instead. Configured the site-site tunnel.. But for some reason i could not route the traffic from Office1->Office2 and back.. I instead created a OpenVPN site-site tunnel from Home2 to Office2 directly.. I could ping the PBX and also register the phone but i have the same bearer channel issues not beeing able to make a call...

      It feels im stuck now... I'm unsure about the settings in the webui of the ASUS router (Home2) together with Pfsense in the other end (Office2)...

      I guess the "Create NAT on tunnel" creating the issues? See screenshot.. But if i select No instead of Yes.. It says "routes must be configured manually" .. What routes? The routes to the Office2 is added in the "custom configuration" box... (route 10.51.0.0) ... Well... Does anyone have any inputs here? :(

      I didnt want to make the first post too long...
      asus.JPG
      asus.JPG_thumb

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.