OpenVPN Site-To-Site routing issues
-
Hi community,
i have a small but big struggling issue on my pfsense setup.What I have done:
I have two pfsense server which are connected together via OpenVPN Site-To-Site with shared key.I setup routing with the remote networks which should be routed trough the vpn, but there is the issue.
I can talk with the machines from the other site but only when:
-pfsense diagnostic tools / this machine can talk with the remote machines everything works
-my computer/server behind , in my local network can not except I setup manual routes on the computer to my remote network or machinesI've setup firewall rules only , NAT is automatic etc. , if I use a peer to peer vpn, everything works
What can it be , that I have to setup manual routes ?
my networks are:
- local site a 192.68.0.0/24 -> if I set to 192.168.0.0/16 that all will be routed nothing works
- local site b 192.68.255.0/24
- tunnel both sites : 10.0.0.0/8
if you have other questions to my configuration, I will post it, but before I try to make it short.
For answer and assumptions I will be many thankful,
Taegu
-
First off, using 10.0.0.0/8 as a tunnel network is not what you want to do. Change that to something like this on both sides:
10.186.216.0/30
192.168.0.0/16 covers both sides, so you can't use it as a remote network there. You want to set these remote networks:
On site A: Remote Networks: 192.168.255.0/24
On site B: Remote Networks: 192.168.0.0/24
It is possible you are trying to supernet everything that is not a local interface but is in 192.168.0.0/16 from both sides, which should be doable, but I would simply get it working first. We are going to need to see full routing tables, firewall rules, etc to see why a supernet isn't working.
