Netgate Discussion Forum
    Unable to access site-to-site

      dsgnr

      Hey,

      I am working on configuring a remote setup where I have one LAN subnet (10.20.0.0/24) and I am connecting into the server using OpenVPN (172.16.0.0/24).

      I have a site-to-site IPSec tunnel configured where the remote site is 10.50.0.0/20.

      When connected into OpenVPN, I am able to access the 10.20.0.0/24 subnet, but I am unable to communicate with the 10.50.0.0/20 subnet that is over the site-to-site.

      I see nothing in the firewalls to say it's blocking and I'm not seeing anything in the packet capture.

      I have completely opened the firewall for now and even added extra rules for the OpenVPN network.

      A few things that are enabled on the OpenVPN server config:
      Inter-client communication
      IPv4 Local network (10.20.0.0/24, 10.50.0.0/20)
      Even attempted routing all traffic to the OpenVPN server to test.
      Device mode (TUN)

      Can anyone suggest anything to try? I'm not seeing any packets even attempt to reach the remote subnet at the moment.

      I have added a second phase 2, just for the OpenVPN network. But I have done this previously and have not needed to do this so unsure why it's different this time.

      Thanks

        viragomann

        Yeah, you need an additional phase 2 for the routing between the remote network and the OpenVPN tunnel subnet.
        So the phase 2 has to be added on both sides of the IPSec tunnel, of course.

        In the OpenVPN server settings add the remote network 10.50.0.0/20 to the "IPv4 Local network/s".

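The checks described in the reply above, modelled as an added example (not pfSense code and not written by either poster). It assumes policy-based phase 2 entries that match traffic by source and destination subnet; the subnets come from the thread, while the host addresses 172.16.0.2 and 10.50.1.10 and all function names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Subnets taken from the thread.
LAN, OVPN, REMOTE = "10.20.0.0/24", "172.16.0.0/24", "10.50.0.0/20"

def covers(selectors, src, dst):
    """True if any (local_net, remote_net) phase 2 selector matches src -> dst."""
    s, d = ip_address(src), ip_address(dst)
    return any(s in ip_network(l) and d in ip_network(r) for l, r in selectors)

def check_path(client_ip, target_ip, pushed_routes, site_a_p2, site_b_p2):
    """Return the reasons a VPN client cannot reach the target; [] means OK."""
    problems = []
    # 1. The client only sends traffic into OpenVPN for networks pushed to it.
    if not any(ip_address(target_ip) in ip_network(n) for n in pushed_routes):
        problems.append("client: target net missing from 'IPv4 Local network/s'")
    # 2. Site A only encrypts packets that match one of its phase 2 selectors.
    if not covers(site_a_p2, client_ip, target_ip):
        problems.append("site A: no phase 2 for OpenVPN subnet -> remote net")
    # 3. Site B needs the mirrored selector, or replies never enter the tunnel.
    if not covers(site_b_p2, target_ip, client_ip):
        problems.append("site B: no mirrored phase 2 for the return traffic")
    return problems

# Constructed sample hosts: one OpenVPN client, one host at the remote site.
CLIENT, TARGET = "172.16.0.2", "10.50.1.10"
PUSHED = [LAN, REMOTE]

# Original state in the first post: only the LAN <-> remote phase 2 exists.
BEFORE_A, BEFORE_B = [(LAN, REMOTE)], [(REMOTE, LAN)]
# After the fix: a second phase 2 for the OpenVPN subnet on both sides.
AFTER_A = BEFORE_A + [(OVPN, REMOTE)]
AFTER_B = BEFORE_B + [(REMOTE, OVPN)]

def scenarios():
    """Run the three states discussed in the thread and collect the findings."""
    return {
        "before": check_path(CLIENT, TARGET, PUSHED, BEFORE_A, BEFORE_B),
        "one side only": check_path(CLIENT, TARGET, PUSHED, AFTER_A, BEFORE_B),
        "both sides": check_path(CLIENT, TARGET, PUSHED, AFTER_A, AFTER_B),
    }

if __name__ == "__main__":
    for name, problems in scenarios().items():
        print(f"{name}: {problems or 'path OK'}")
```
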