Routing between 2 openvpn foreign networks with different pfsense boxes



  • Hello! I have this setup:

    OpenVPN [O1] foreign network 10.1.0.0/24 == [A] pfSense box 10.2.0.4/24 [em0] (has additional network 10.3.0.0/24 [em1]) == [B] pfSense box 10.2.0.5/24 [em0] (has additional network 10.4.0.0/24 [em1]) == OpenVPN [O2] foreign network 10.6.0.0/24.

    The firewall is disabled on each pfSense box for testing (an allow-all-traffic rule is added on all interfaces).

    Routes are correct on each OpenVPN box - checked twice.

    In short, I can't access [O2] from [O1].

    I can ping from 10.6.0.0/24 to 10.3.0.0/24
    I can ping from 10.1.0.0/24 to 10.4.0.0/24

    But I can't ping from 10.1.0.0/24 to 10.6.0.0/24 or in reverse.

    When I try to ping from 10.1.0.0/24, I can tcpdump [em0] on the [B] pfSense box, and I see ICMP requests:
    ICMP from 10.1.0.1 to 10.6.0.1
    netstat -rn shows me that 10.6.0.1 is reachable via the OpenVPN interface ovpns1.

    However, I can't see ICMP requests on the ovpns1 OpenVPN interface on the [B] box.


  • Netgate

    You should probably paste screen shots of what you have done and not a textual representation of what you think you have done. Screen shots of Diagnostics > Routes, the OpenVPN client and server, and the OpenVPN Firewall rules would be a good start.

    Please be a little more specific: instead of "I can ping from 10.6.0.0/24 to 10.3.0.0/24", try "I can ping from 10.6.0.101 to 10.3.0.62".

    What is an OpenVPN foreign network?


© Copyright 2002 - 2018 Rubicon Communications, LLC