OpenVPN Routing Issue

  • I have an issue with setting up and OpenVPN Site to Site SSL/TLS link between two sites.

    It all worked fine previously, but after deleting the tunnel and recreating it, the tunnel comes up but routing between the two sites IP addresses do not work.

    Site A (Server) Subnet =
    Site B (Client) Subnet =
    OpenVPN Tunnel Subnet =
    Site A Tunnel IP (Server) =
    Site B Tunnel IP (Client) =

    The only odd thing that I can see is the following in the routing table at each of the Server side and the Remote side:

    The server sides routing table has via gateway which is the remote sites Tunnel IP. The remote site has via gateway which is the servers sides IP. Surely I would expect each site to be the other way round? Access to the Subnet from the OpenVPN server should be via its own tunnel IP and the remote side should be via its own IP

    Like I’ve said, the tunnel comes up fine but I cannot ping either site from each site and I cannot ping either sides OpenVPN Tunnel IP Address either from the Ping utility within PFSense or from command line when SSH’ing into both sites PFsense instance.

    Like I’ve said before, this was all working fine, but after deleting the setup to change the encryption levels to high settings, it now won’t work and I’m completely stuck. I’ve tried deleting all CA Certificates, Server Certificates, User Certificates, Client Overrides and starting over using default settings. I’ve tried a Peer to Peer Preshared Key setup with the same results... the tunnel comes up fine, but routing between the two sites and the VPN tunnel Subnet will not ping each other... I’ve tried everything and I’m stumped :(

    I also have another setup using a different version of PFSense as the server (2.3.2) connecting to remote client PFSense firewalls that are on a mixture of 2.4.x at the remote sites and it all works fine.

    I’m willing to pay someone hourly to help me via TeamViewer if there’s anyone out there that can help?

  • LAYER 8 Rebel Alliance

    Why did you delete the whole Config only to change the encryption settings? You can just Edit all the settings...
    Do you have your Firewall Rules in place in the OpenVPN Tab? For testing just do some any any Rule.


Log in to reply