Netgate Discussion Forum

    Connectivity between OVPN Client and Peer-to-Peer networks

      LPervak

      I have successfully created connections between 4 remote offices (see attached for details). My general settings for each server are:
      Server mode: Peer to Peer (Shared key)
      Protocol: UDP on IPv4 only
      Device mode: TUN
      IPv4 Tunnel Network: 10.X.Y.0/24 (X - Server# , Y - Client#)
      IPv4 Remote network(s): SiteY LAN

      Traffic runs from any LAN to any LAN.

      BUT when I connect as an external OVPN client to one of the servers, I can reach only the LAN of the server I'm connected to, but not the other sites' LANs.
      My general settings for External connections:
      Server mode: Remote Access (SSL/TLS + User Auth)
      Protocol: UDP IPv4 and IPv6 on all interfaces (multihome) - this was set by default
      Device mode: TAP (also tried TUN)
      IPv4 Tunnel Network: 10.X.5.0/24 (X - Server#) - I'm using "5" for all external clients on all servers
      IPv4 Local network(s): ServerX LAN

      How can I get it to work so External client can reach other remote networks?

      ![4 Site connection with pfSense and openVPN (1).png](/public/imported_attachments/1/4 Site connection with pfSense and openVPN (1).png)

        rolstone

        I have the same issue. (Sorry about my poor English!!)

        I have four pfSense servers and one FortiNet firewall, connected to each other using IPsec site-to-site VPNs.
        It has run well so far (every site can use the other sites' resources).

        But when I set up an OpenVPN server (192.168.253.1/24)
        and use a NB to connect to the OpenVPN server (site D),
        it gets IP address 192.168.253.2
        and can ping 192.168.3.254/24.

        But it just can't ping 192.168.0.10/24 or any server.

        I added a static route for 192.168.253.0/24 to WAN.
        What else am I missing?

        ===

        My problem has been solved.
        https://forum.pfsense.org/index.php?topic=117344.0

        20180518VPN.png
          Derelict LAYER 8 Netgate

          > How can I get it to work so External client can reach other remote networks?

          The external client probably has no problem reaching the remote sites. What is probably missing is a route back for that remote access tunnel network.

          Site 2, Site 3, and Site 4 all need a Remote Network entry for 10.2.5.0/24 on the connection back to Site 1.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

            LPervak

            This thread solved my issue - https://forum.pfsense.org/index.php?topic=147108.0

            Added remote site's LANs into Access server's config.

            Works fine!

            Thanks!
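
The two fixes from this thread (pushing the remote sites' LANs from the access server, and adding the remote access tunnel network as a Remote Network on each site's tunnel back to Site 1) can be checked together. The following is an added example, not part of any post above and not pfSense code. The LAN addresses are constructed placeholders; only 10.2.5.0/24 is taken from the thread. It assumes a split-tunnel client and does not model firewall rules.

```python
import ipaddress

# Constructed sample addressing; only RA_TUNNEL (10.2.5.0/24) comes from the thread.
SITE1_LAN = "192.168.10.0/24"
LANS = {"Site 2": "192.168.20.0/24", "Site 3": "192.168.30.0/24",
        "Site 4": "192.168.40.0/24"}
RA_TUNNEL = "10.2.5.0/24"  # remote access tunnel network on the Site 1 server

def covers(networks, target):
    """True if any configured network contains the target network."""
    t = ipaddress.ip_network(target)
    return any(t.subnet_of(ipaddress.ip_network(n)) for n in networks)

def check_remote_access(cfg):
    """Return {site: [problems]} for a remote access client reaching each site LAN."""
    report = {}
    for name, site in cfg["sites"].items():
        problems = []
        # Forward path: the client only routes into the VPN what the access
        # server lists under "IPv4 Local network(s)" (pushed routes).
        if not covers(cfg["pushed"], site["lan"]):
            problems.append("access server does not push " + site["lan"])
        # Return path: the remote site must list the remote access tunnel
        # network as a Remote Network on its tunnel back to Site 1.
        if not covers(site["remote_networks"], RA_TUNNEL):
            problems.append("no route back to " + RA_TUNNEL)
        report[name] = problems
    return report

# Configuration as first described: only the Site 1 LAN is known on both sides.
BEFORE = {"pushed": [SITE1_LAN],
          "sites": {n: {"lan": lan, "remote_networks": [SITE1_LAN]}
                    for n, lan in LANS.items()}}
# After both fixes named in the thread.
AFTER = {"pushed": [SITE1_LAN, *LANS.values()],
         "sites": {n: {"lan": lan, "remote_networks": [SITE1_LAN, RA_TUNNEL]}
                   for n, lan in LANS.items()}}

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        for site, problems in check_remote_access(cfg).items():
            print(label, site, "OK" if not problems else "; ".join(problems))
```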
