Netgate Discussion Forum

    OpenVPN Multiple Remote Networks and LAN firewall rule gateway.

      Hydrogenium

      I have the following setup:
      WAN Gateway 1: cable internet, flagged as default gateway
      WAN Gateway 2: fiber internet, used as interface for OpenVPN server

      LAN: 172.16.1.0/24
      OpenVPN tunnel: 172.16.2.0/24
      OpenVPN client 1 remote network: 172.16.3.0/24
      OpenVPN client 2 remote network: 172.16.5.0/24

      LAN and OpenVPN both have the default firewall rules set (allow all traffic).

      If I edit the LAN firewall rule to specify the gateway as WAN gateway 1 (which is what it uses anyway since WAN 1 is the default gateway), all packages initiated from LAN to 172.16.5.0/24 get dropped. Packages initiated from 172.16.5.0/24 to LAN are fine (I can ping LAN addresses from 172.16.5.0/24). Also, 172.16.3.0/24 has absolutely no issues.

      Swapping the order in which the two remote networks are listed in the OpenVPN server configuration UI reverses the situation, where 172.16.3.0/24 is now unreachable from LAN and 172.16.5.0/24 works fine.

      This is using pfSense version 2.3.4 on Netgate gear (I can't remember the model atm).

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.