remote OpenVPN-client LAN not reachable

sgw

@johnpoz said in remote OpenVPN-client LAN not reachable:

Well have to live with the limitations of the other end - replace it with pfsense ;)

I disabled comp (chose 1st entry "Disable Compression"), he disabled. I push compress options there now and I get a ping and these logs:

SENT CONTROL [aba_n_ka]: 'PUSH_REPLY,route 192.168.160.0 255.255.255.0,compress ,route-gateway 10.1.160.1,topology subnet,ping 10,ping-restart 60,redirect-gateway def1,ifconfig 10.1.160.3 255.255.255.0,peer-id 1,cipher AES-128-GCM' (status=1)

Otherwise it seems rather safe to me. The clients are only allowed to one separate VLAN behind pfsense etc etc

The guy understands all the fuzzing around, but I assume he mistrusts me and pfsense a bit now ;-)

johnpoz

@sgw said in remote OpenVPN-client LAN not reachable:

redirect-gateway def1

Why are you redirecting gateway? That is normally not done in a site to site setup.

sgw

@johnpoz said in remote OpenVPN-client LAN not reachable:

@sgw said in remote OpenVPN-client LAN not reachable:

redirect-gateway def1

Why are you redirecting gateway? That is normally not done in a site to site setup.

A leftover from my desparate debugging. Thanks for spotting, disabled it now (was in the CSO).