Can't reach backup firewall when connected by VPN
-
Hello,
I've followed the doc to set up the HA and everything works as expected. I only have an issue where, if connected by VPN to the main firewall (192.168.1.253), I can't ping or reach the webui of the backup firewall (192.168.1.254).
The VPN uses a different subnet (192.168.2.0/24) but I can reach other servers in the same subnet as the firewalls fine.
When connected locally into the LAN, I can reach the second firewall correctly.
Is there something special I need to do?
Thanks!
-
https://docs.netgate.com/pfsense/en/latest/highavailability/troubleshooting-vpn-connectivity-to-a-high-availability-secondary-node.html
-
Thanks for the link! I was able to make it work for the road warriors, but setting the same for the site-to-site OpenVPN tunnel is not working.
My tunnel is 10.1.99.0/30 so I added the following outbound rule:
Source: 10.1.99.0/30
Destination: Alias with both firewalls LAN IPs
NAT Address: LAN address
-
For the site to site vpn, you must use the remote LAN in the source box instead of the tunnel network.
-
Well, that was it! Thanks a lot for the help!