Routing loop with my configuration

pierinhood · Nov 24, 2018, 1:30 PM

Hi there,
I use two Pfsense v2.4.4 in two different locations with the following configuration:

Office 1
ISP Router (ip 172.20.1.1) --> Pfsense Wan port (172.20.1.254)
--> Pfsense Lan port (172.31.1.1)
Office 2
Pfsense WAN port (Public IP)
Pfsense LAN port (10.100.0.1)

The two routers are connected through a VPN Ipsec and both Offices can communicate through lan.
Following this guide https://www.netgate.com/docs/pfsense/book/ipsec/site-to-site.html I managed to set successfully a gateway and a static route to the PFsense in Office 1:

Office 1:
10.100.0.0/24 gw 172.31.1.1

Office 2:
172.31.1.0/24 gw 10.100.0.1

I configured an OpenVPN Remote Access Server in Office 1 that push both lan 172.31.0.0/24 and 10.100.0.1/24
Client connecting through VPN using OpenVPN can reach flawlessly the lan in Office 1 (172.31.0.0./24) but can’t reach, probably due to routing loops, the lan in Office 2 (10.100.0.0/24:)

tracert 10.100.0.1
Trace Route toward 10.100.0.1 based on a maximum of 30 passage points:
1 7 ms 6 ms 6 ms 10.1.2.1
2 7 ms 7 ms 6 ms 172.31.1.1
3 8 ms 8 ms 7 ms 172.31.1.1
4 6 ms 8 ms 6 ms 172.31.1.1
5 8 ms 6 ms 7 ms 172.31.1.1
6 9 ms 9 ms 10 ms 172.31.1.1
7 8 ms 7 ms 9 ms 172.31.1.1
8 7 ms 7 ms 7 ms 172.31.1.1
9 7 ms 7 ms 9 ms 172.31.1.1
10 6 ms 8 ms 7 ms 172.31.1.1
11 7 ms 7 ms 7 ms 172.31.1.1
12 7 ms 7 ms 7 ms 172.31.1.1
13 8 ms 7 ms 7 ms 172.31.1.1
14 8 ms 7 ms 6 ms 172.31.1.1
15 9 ms 8 ms 7 ms 172.31.1.1
16 9 ms * 7 ms 172.31.1.1
17 7 ms 7 ms 7 ms 172.31.1.1
18 7 ms 6 ms 7 ms 172.31.1.1
19 7 ms 7 ms 7 ms 172.31.1.1
20 7 ms 7 ms 6 ms 172.31.1.1
21 8 ms 7 ms 7 ms 172.31.1.1
22 7 ms 7 ms 7 ms 172.31.1.1
23 7 ms 7 ms 6 ms 172.31.1.1
24 7 ms 7 ms 7 ms 172.31.1.1
25 7 ms 7 ms 7 ms 172.31.1.1
26 8 ms 7 ms 6 ms 172.31.1.1
27 7 ms 7 ms 7 ms 172.31.1.1
28 7 ms 7 ms 7 ms 172.31.1.1
29 8 ms 6 ms 6 ms 172.31.1.1
30 8 ms 7 ms 7 ms 172.31.1.1

Can you help me understand as well as finding a solution?
Thank you!