openvpn Roadwarrior access to both lan in site to site
-
Hi guys,
I know, I know, I read a lot of threads about this question but I didn't find my answer or I might not understand something.
Site A (server)
pfsense 2.4.4 p1
local network : 192.168.20.0/24
Site B (Client)
pfsense 2.4.4 p1
local network : 192.168.10.0/24
openvpn Tunnel : 10.0.8.0/24
This is working great, no problem there. Every machine can access any remote network machine no matter which side.
Roadwarrior connects on Site A (tunnel 10.0.20.0/24), no problem. It sees every machine on the local network but nothing on Site B.
On server side in openvpn, I put 192.168.20.0/24,10.0.20.0/24 in local network
On client side, I put 192.168.20.0/24,10.0.20.0/24 in remote network
Server side Firewall rules :
Wan : IPV4 UDP all open on site to site port and another rule with the same settings on roadwarrior port.
Lan : IPV4, lan net, any destination, any port, any gateway
openvpn : IPV4 all open
Client side Firewall rules :
Wan : IPV4 UDP all open on site to site port
Lan : IPV4, lan net, any destination, any port, any gateway
openvpn : IPV4 all open
I can't pinpoint what could go wrong. Site to site has worked flawlessly for years, roadwarrior works flawlessly on local network.
If you can help me on this, I would really appreciate it!
thanks in advance ;)
-
In order for your roadwarrior clients to access resources @ site B, two things need to happen:
- Site A's road warrior clients need to know that site B's LAN subnet should be routed down the tunnel
- Site B needs to know where to send the return traffic for site A's road warrior clients
Based on the above, the following adjustments should be made to the configs:
Site A:
- Road Warrior config should have "192.168.20.0/24, 192.168.10.0/24" on the IPv4 Local network(s) line. (Remove 10.0.20.0/24).
Site B:
- Re-verify the site-to-site config has "192.168.20.0/24, 10.0.20.0/24" on the IPv4 Remote network(s) line
Once the site-to-site tunnel is re-established and the clients re-connect, you should be good to go.
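The two conditions from the answer above, written as a check over the network lists (an added example, not part of the original posts). The function names are hypothetical, the "before" value is the road warrior setting as the answer reads it, and the check models only the route lists, not firewall rules.

```python
from ipaddress import ip_network

def parse(nets):
    """Parse a comma-separated network list as typed into the pfSense field."""
    return [ip_network(n.strip()) for n in nets.split(",") if n.strip()]

def covered(target, nets):
    """True if target lies inside at least one network in nets."""
    return any(target.subnet_of(n) for n in nets)

def check_routes(rw_local, rw_tunnel, site_b_lan, site_b_remote):
    """Return a list of routing problems; an empty list means both directions work.

    rw_local      -- IPv4 Local network(s) of the road warrior server (site A)
    site_b_remote -- IPv4 Remote network(s) of the site-to-site config (site B)
    """
    tunnel, lan_b = ip_network(rw_tunnel), ip_network(site_b_lan)
    pushed = parse(rw_local)
    problems = []
    # Condition 1: clients must be told to send site B's LAN down the tunnel.
    if not covered(lan_b, pushed):
        problems.append(f"forward: {lan_b} is not routed down the road warrior tunnel")
    # The answer also says to remove the tunnel subnet from this list.
    if covered(tunnel, pushed):
        problems.append(f"forward: {tunnel} is the tunnel itself, remove it from local networks")
    # Condition 2: site B must know where to send the return traffic.
    if not covered(tunnel, parse(site_b_remote)):
        problems.append(f"return: site B has no route back to {tunnel}")
    return problems

# Values from the thread. BEFORE is the road warrior setting as the answer reads it.
RW_TUNNEL, SITE_B_LAN = "10.0.20.0/24", "192.168.10.0/24"
SITE_B_REMOTE = "192.168.20.0/24, 10.0.20.0/24"
BEFORE = "192.168.20.0/24, 10.0.20.0/24"
AFTER = "192.168.20.0/24, 192.168.10.0/24"

if __name__ == "__main__":
    for label, rw_local in (("before", BEFORE), ("after", AFTER)):
        issues = check_routes(rw_local, RW_TUNNEL, SITE_B_LAN, SITE_B_REMOTE)
        print(label, "->", issues or "both directions routed")
```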