OpenVPN Client to OpenVPN Site and IPSec Site

  • Hi,
    I have connected my OpenVPN Sites to the IPSec Site (where I can't have pfSense). For simplicity purposes, I have the following:

    1 Main Ipsec Site:
    2 Main OpenVPN Site: (tunnel
    3 Remote OpenVPN Site 1: (tunnel
    4 Remote OpenVPN Site 2: (tunnel
    5 OpenVPN Mobile Clients: tunnel

    So 1 through 4 everything is well connected. Can ping and do everything between them. The weirdness is on 5. I can access 1 (IPSec Site) and 2 (Main OpenVPN Site), but can't reach 3 and 4 (the remote OpenVPN Sites) at all.

    So I am looking for a shed of light that can let me know what I need to do on 5 so that I can access the Remote OpenVPN Sites?

    I appreciate any ideas.



  • LAYER 8 Netgate

    First, what mode OpenVPN did you set up? SSL/TLS, Shared Key, etc?

  • Hi
    Thanks for the reply. The site-to-site OpenVPN and the mobile-to-site mode are both SSL/TLS.

    Thanks again


  • LAYER 8 Netgate

    @newcmelgar said in OpenVPN Client to OpenVPN Site and IPSec Site:

    So add as a local network on the server. It should be pushed to the clients. Be sure the traffic is passed by the necessary firewall rules on the OpenVPN servers, clients, and/or assigned interfaces.

    Same with the Remote Access server. If it is not redirect-gateway def1 you need to add the spoke subnets (,, etc) to the Local Networks on the Remote access server so they know to send traffic for those over the tunnel.

  • @derelict I will send you the changes tonight (as I don't want to interrupt users' connectivity at the moment). I do remember trying that but I think it didn't work. Anyways, I will get back to you in the evening.

  • @derelict Thanks for the tip! My problem was not having the on the local and remote networks. I had the spoke subnets in the remote access server. Much appreciated!
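
The routing requirement discussed in this thread, as an added example that is not part of any post: a mobile client reaches a spoke only if every hop has a tunnel route towards the spoke LAN and every hop on the way back has one towards the mobile client's tunnel address. All subnets, addresses and node names below are constructed placeholders, and the "before" table assumes the missing piece was the spokes' return route to the mobile client tunnel network.

```python
import ipaddress

def has_route(routes, dest_ip):
    """True if any prefix in `routes` covers dest_ip."""
    ip = ipaddress.ip_address(dest_ip)
    return any(ip in ipaddress.ip_network(r) for r in routes)

def check_flow(tunnel_routes, path, src_ip, dst_ip):
    """Walk `path` towards dst_ip, then back towards src_ip.

    tunnel_routes: node name -> prefixes that node knows how to reach
                   through (or on) a VPN interface.
    Returns [(node, unreachable_ip), ...]; an empty list means both
    directions are routable.
    """
    problems = []
    for node in path[:-1]:              # forward direction
        if not has_route(tunnel_routes[node], dst_ip):
            problems.append((node, dst_ip))
    for node in reversed(path[1:]):     # return direction
        if not has_route(tunnel_routes[node], src_ip):
            problems.append((node, src_ip))
    return problems

# Constructed addressing (not taken from the thread).
MOBILE_POOL = "10.0.50.0/24"    # remote-access tunnel network
HUB_LAN     = "192.168.2.0/24"  # main OpenVPN site
SPOKE1_LAN  = "192.168.3.0/24"  # remote OpenVPN site 1
PATH = ["mobile", "hub", "spoke1"]

# Mobile clients already receive the spoke subnet from the remote-access
# server's Local Networks, but the spoke was never pushed a route back
# to the mobile pool by the site-to-site server.
BEFORE = {
    "mobile": [HUB_LAN, SPOKE1_LAN],
    "hub":    [SPOKE1_LAN, MOBILE_POOL],
    "spoke1": [HUB_LAN],
}
# Mobile pool added to the site-to-site server's Local Networks.
AFTER = dict(BEFORE, spoke1=[HUB_LAN, MOBILE_POOL])

if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, check_flow(table, PATH, "10.0.50.6", "192.168.3.10"))
```

A missing return route looks the same from the client as a missing forward route (pings time out), which is why both directions are checked.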

