Netgate Discussion Forum

    OpenVPN site-to-site tunnel connected but can't access local network

      Lurchman

      Hi everyone,

      I have a pfSense (2.4.4) OPENVPN site-to-site (shared key) setup. The VPN tunnel is up and from each of the pfSense boxes I can ping the remote subnets. When I want to ping or access the remote subnet from a client-PC I get a timeout.

      • Tunnel IP is 10.0.9.0/24 (I also tried 30) on server and client side

      • Serverside subnet is 192.168.250.0/24

      • Clientside subnet is 172.16.0.0/21

      • Remote subnets are configured in OPENVPN configuration

      • OPENVPN firewall rules any-any are configured on both sides

      • OPENVPN Gateway on clientside is created and firewall rules any-any are set

      • Remote subnets are visible in routing tables

      • Local windows firewalls are disabled

      I tried using an outbound NAT rule -> No success
      I tried adding static routes -> No success

      Anybody got ideas on what I'm doing wrong?

      Thx!

        yumcheese

        Your settings seem okay to me. I just started using OpenVPN though. I'm assuming you went through these links:
        https://docs.netgate.com/pfsense/en/latest/book/openvpn/site-to-site-example-configuration-shared-key.html
        https://docs.netgate.com/pfsense/en/latest/book/openvpn/troubleshooting-openvpn.html

        Have you tried using Packet Captures on each side to look for ICMP traffic? You might need to post some sanitized configs for more help.

          Lurchman

          Hi Guys,

          I figured something out. There is also an IPSec tunnel on our pfSense for other purposes. When I stop the IPSec service traffic is passing fine in the OPENVPN connection.
          Any idea how I can use a combination (IPSec must stay but in combination with some extra OPENVPN tunnels)?
          I also tried extra IPSec tunnels but same problem (IPSec tunnel Phase 1 & 2 are Up but no LAN traffic possible between my subnets).

            JeGr LAYER 8 Moderator

            OpenVPN and IPSec have no problem whatsoever in co-existing and having tunnels defined. If stopping IPSEC makes your OVPN tunnel work, you have it wrong. Most commonly you are probably using the same subnets on OVPN as in IPSEC or trying to route a network that is already defined in IPSEC. Without your config, that's all we can guess.

            Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

            If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.
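
An added example, not part of the thread or of pfSense itself: one way to check for the overlap described in the reply above, by comparing each OpenVPN local/remote network pair against each IPsec phase 2 pair. The OpenVPN subnets are the ones from the first post; the IPsec phase 2 entries and all names are constructed, because the poster's IPsec configuration is never shown.

```python
import ipaddress
from typing import NamedTuple


class Flow(NamedTuple):
    name: str    # label for the report (constructed)
    local: str   # network behind this firewall
    remote: str  # network behind the peer


def relation(a, b):
    """How CIDR network a relates to b; None when they are disjoint."""
    if a.version != b.version:
        return None
    if a == b:
        return "identical"
    if a.subnet_of(b):
        return "inside"
    if b.subnet_of(a):
        return "contains"
    return None


def find_conflicts(ovpn, ipsec):
    """List (ovpn, p2, local_rel, remote_rel) where both ends overlap."""
    hits = []
    for o in ovpn:
        o_l, o_r = ipaddress.ip_network(o.local), ipaddress.ip_network(o.remote)
        for p in ipsec:
            p_l, p_r = ipaddress.ip_network(p.local), ipaddress.ip_network(p.remote)
            rl, rr = relation(o_l, p_l), relation(o_r, p_r)
            if rl and rr:  # same source AND destination space claimed twice
                hits.append((o.name, p.name, rl, rr))
    return hits


# OpenVPN networks from the first post, seen from the server side.
OVPN = [Flow("ovpn-s2s", "192.168.250.0/24", "172.16.0.0/21")]
# Constructed IPsec phase 2 entries; the thread never shows the real ones.
IPSEC = [
    Flow("p2-wide", "192.168.250.0/24", "172.16.0.0/12"),
    Flow("p2-other", "192.168.250.0/24", "10.50.0.0/24"),
]

if __name__ == "__main__":
    for o, p, rl, rr in find_conflicts(OVPN, IPSEC):
        print(f"{o} vs {p}: local {rl}, remote {rr}")
```

A hit means the same source and destination address space is defined for both VPN types, which is the situation to resolve by narrowing or renumbering one of the two definitions.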
