    Connectivity between OVPN Client and Peer-to-Peer networks

    OpenVPN
    • L
      LPervak last edited by

      I have successfully created connections between 4 remote offices (see attached for details). My general settings for each server are:
      Server mode: Peer to Peer (Shared key)
      Protocol: UDP on IPv4 only
      Device mode: TUN
      IPv4 Tunnel Network: 10.X.Y.0/24 (X - Server# , Y - Client#)
      IPv4 Remote network(s): SiteY LAN

      Traffic runs from any LAN to any LAN.

      BUT when I'm connecting as an external OVPN client to one of the servers, I can reach only the LAN of the server I'm connected to, but not the other sites' LANs.
      My general settings for External connections:
      Server mode: Remote Access (SSL/TLS + User Auth)
      Protocol: UDP IPv4 and IPv6 on all interfaces (multihome) - this was set by default
      Device mode: TAP (also tried TUN)
      IPv4 Tunnel Network: 10.X.5.0/24 (X - Server#) - I'm using "5" for all external clients on all servers
      IPv4 Local network(s): ServerX LAN

      How can I get it to work so an external client can reach the other remote networks?

      ![4 Site connection with pfSense and openVPN (1).png](/public/imported_attachments/1/4 Site connection with pfSense and openVPN (1).png)

      • R
        rolstone last edited by

        I have the same issue. (Sorry about my poor English!!)

        I have four pfSense servers and one FortiNet firewall, connected to each other with IPsec site-to-site VPNs.
        It has run well so far. (Every site can use the other sites' resources.)

        But when I set up an OpenVPN server, 192.168.253.1/24,
        and use an NB to connect to the OpenVPN server (site D),
        it gets IP address 192.168.253.2
        and can ping 192.168.3.254/24.

        But it just can't ping 192.168.0.10/24 any Server.

        I added a static route for 192.168.253.0/24 to WAN.
        What else am I missing?

        ===

        My problem has been solved.
        https://forum.pfsense.org/index.php?topic=117344.0


        • Derelict
          Derelict LAYER 8 Netgate last edited by

          > How can I get it to work so an external client can reach the other remote networks?

          The external client probably has no problem reaching the remote sites. What is probably missing is a route back for that remote access tunnel network.

          Site 2, Site 3, and Site 4 all need a Remote Network entry for 10.2.5.0/24 on the connection back to Site 1.

          Chattanooga, Tennessee, USA
          The pfSense Book is free of charge!
          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          • L
            LPervak last edited by

            This thread solved my issue - https://forum.pfsense.org/index.php?topic=147108.0

            Added the remote sites' LANs to the access server's config.

            Works fine!

            Thanks!

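
The two fixes in this thread (a Remote Network entry for 10.2.5.0/24 at each remote site, and the remote sites' LANs added to the access server's config) can be checked together with a small route audit. This is an added example, not code from any poster or from pfSense. The 172.16.N.0/24 LAN subnets, the site names and the function names are assumptions, and Site 1 is taken as the site hosting the remote access server, as in the reply above.

```python
from ipaddress import ip_network

RA_TUNNEL = ip_network("10.2.5.0/24")  # remote access tunnel network from the reply
ACCESS_SITE = "site1"                  # assumed: site hosting the remote access server
# Constructed LAN subnets; the thread does not list the real ones.
LANS = {f"site{n}": ip_network(f"172.16.{n}.0/24") for n in range(1, 5)}

def covered(target, routes):
    """True if any configured network contains the target network."""
    return any(target.subnet_of(r) for r in routes)

def audit(s2s_remote, pushed_local):
    """Return {site: [problems]} for a remote access client on ACCESS_SITE.

    s2s_remote   -- (site, peer) -> Remote network(s) set on site's tunnel to peer
    pushed_local -- Local network(s) set on the remote access server
    """
    report = {}
    for site, lan in LANS.items():
        problems = []
        if not covered(lan, pushed_local):
            problems.append("client: LAN not in access server Local network(s)")
        if site != ACCESS_SITE:
            if not covered(lan, s2s_remote.get((ACCESS_SITE, site), [])):
                problems.append("forward: access site has no route to this LAN")
            if not covered(RA_TUNNEL, s2s_remote.get((site, ACCESS_SITE), [])):
                problems.append("return: no Remote network entry for RA tunnel")
        report[site] = problems
    return report

def as_described():
    """Config as first posted: each tunnel carries only the peer's LAN."""
    s2s = {(a, b): [LANS[b]] for a in LANS for b in LANS if a != b}
    return s2s, [LANS[ACCESS_SITE]]

def as_fixed():
    """Both fixes from the thread applied."""
    s2s, _ = as_described()
    for site in LANS:
        if site != ACCESS_SITE:
            s2s[(site, ACCESS_SITE)] = s2s[(site, ACCESS_SITE)] + [RA_TUNNEL]
    return s2s, list(LANS.values())

if __name__ == "__main__":
    for name, cfg in (("before", as_described()), ("after", as_fixed())):
        print(name, audit(*cfg))
```

An empty problem list for a site means the client's packets have a route out and the replies have a route back through the site-to-site tunnel.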