cant ping second router across VPN

  • Need some minor PFsense help.

    Have two sites tied together via open VPN all is working great….except at site 1 we have 2 x Pfsense routers, and can not ping to the second router at site 1 from site 2

    Example / details (Router one site one) with VPN to (Router two site one) without VPN (Router one site two) with VPN to (server at site two) can ping to ANYTHING at the network except router 2 /

    I'm guessing it’s a firewall rule on but I'm not sure where/what to change to allow to ping / talk to everything at can ping

    I know I need to set up a route on the non-pingable router or allow pings from the other subnet but I'm not sure how to do that. i need detailed direction pls.

  • You need to add a rule on Router 2 WAN that passes ICMP echoreq, and place it before the Block private networks rule if you have one.

  • @KOM thanks for the information can you provide more detail as to where to do this in the configuration ?

  • Firewall - Rules - WAN.

    Except don't select any for ICMP type, just echoreq. Make sure you disable Block Private Networks if you're pinging from a private address like LANs usually have. You can do that via Interfaces - WAN - Block Private Networks. Uncheck it and Apply.

  • This was not the fix. needed to adjust a routing statement in the VPN router to include the full / 24 I had mistakenly set it to /28

Log in to reply