Site to site tunnel - can ping from one side but not the other
Long time since I've posted on here!
I have an issue that's left me tearing my hair out with a site to site VPN.
I'm using OpenVPN using peer-peer shared key.
My VPN is showing as UP; however, I can't seem to ping from one side of the tunnel.
No matter which way I set up the server and client, the same pfSense box cannot ping the other side.
I've successfully set up a VPN this way before without any issues. I was wondering if anybody had any pointers as to what it could be?
I've got a remote access VPN as well on the site where that fails to ping the other site; however, this works correctly.
KOM
Have you gone through the OpenVPN Troubleshooting guide?
Sounds similar to my issue: https://forum.netgate.com/topic/140889/site-to-site-tunnel-routing-through-wrong-vpn-network-half-the-time
Try running a packet capture on the remote access VPN to see if it's the same issue as mine. Also check the state table under Diagnostics > States (interface any, filter "icmp") when doing a ping -t.
Can ping from one side but not the other
Either firewall rules on the OpenVPN tab (or assigned interface) on the side you can't ping
OR a firewall on the device you can't ping itself.
OR policy routing on the side that cannot ping the other forcing connections over a different path.