Netgate Discussion Forum

    What is wrong in this packet capture?

    • azmodeuz

      I am unable to ping the Public Firewall LAN on Site A.

      OpenVPN Config : Peer to Peer SSL/TLS, tun, UDP4. LAN to LAN works fine.

      Site A:
      I have a working pfSense firewall (OVPN) where my OpenVPN Server is and it is behind another pfSense firewall (Public).

      pfSense Public LAN: 192.168.8.5
      pfSense OVPN WAN: 192.168.88.7
      pfSense OVPN LAN: 192.168.8.1

      Site B:
      Direct to internet

      Remote PC on Site B connects thru Site to Site OpenVPN: 192.168.140.10

      Command on Remote PC: ping 192.168.88.5

      CAPTURE thru OPENVPN Interface:
      12:50:25.069237 AF IPv4 (2), length 826: (tos 0x0, ttl 127, id 26046, offset 0, flags [none], proto UDP (17), length 822)
      192.168.140.10.2425 > 192.168.8.51.2425: [udp sum ok] UDP, length 794
      12:50:25.149015 AF IPv4 (2), length 64: (tos 0x0, ttl 127, id 52396, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 837, length 40
      12:50:29.849687 AF IPv4 (2), length 64: (tos 0x0, ttl 127, id 52397, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 838, length 40
      12:50:34.851582 AF IPv4 (2), length 64: (tos 0x0, ttl 127, id 52398, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 839, length 40

      CAPTURE thru WAN Interface:
      12:57:21.703462 00:90:27:fe:2e:0a > 00:0d:b9:3f:90:19, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 126, id 52407, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 852, length 40
      12:57:26.354229 00:90:27:fe:2e:0a > 00:0d:b9:3f:90:19, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 126, id 52408, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 853, length 40
      12:57:31.352071 00:90:27:fe:2e:0a > 00:0d:b9:3f:90:19, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 126, id 52409, offset 0, flags [none], proto ICMP (1), length 60)
      192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 854, length 40

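Added example, not part of the original posts: a small Python parser for the verbose tcpdump output quoted in the first post. It pairs ICMP echo requests with echo replies within one capture and reports the IP TTL seen on the requests. The function and constant names are this example's own; the sample lines are copied from the post.

```python
import re

# Header line of verbose tcpdump output: timestamp, then "ttl N" and "proto NAME (num)".
HDR = re.compile(r"^\d\d:\d\d:\d\d\.\d+ .*\bttl (?P<ttl>\d+),.*\bproto (?P<proto>\w+) \(\d+\)")
# Second line of an ICMP echo packet: "src > dst: ICMP echo request|reply, id N, seq N".
ECHO = re.compile(r"^(?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+)")

def unanswered_pings(capture_text):
    """Return (echo requests with no reply in this capture, sorted TTLs seen on requests)."""
    requests, replied, ttl = {}, set(), None
    for raw in capture_text.splitlines():
        line = raw.strip()
        hdr = HDR.match(line)
        if hdr:
            # Remember the TTL only when the next line can be an ICMP payload.
            ttl = int(hdr["ttl"]) if hdr["proto"] == "ICMP" else None
            continue
        echo = ECHO.match(line)
        if echo is None or ttl is None:
            continue
        seq = int(echo["seq"])
        if echo["kind"] == "request":
            requests[(echo["src"], echo["dst"], echo["id"], seq)] = ttl
        else:
            # A reply travels dst -> src, so swap the addresses to match its request.
            replied.add((echo["dst"], echo["src"], echo["id"], seq))
        ttl = None
    unanswered = sorted(k for k in requests if k not in replied)
    return unanswered, sorted(set(requests.values()))

# First lines of each capture, copied from the post above.
OVPN_CAPTURE = """\
12:50:25.069237 AF IPv4 (2), length 826: (tos 0x0, ttl 127, id 26046, offset 0, flags [none], proto UDP (17), length 822)
192.168.140.10.2425 > 192.168.8.51.2425: [udp sum ok] UDP, length 794
12:50:25.149015 AF IPv4 (2), length 64: (tos 0x0, ttl 127, id 52396, offset 0, flags [none], proto ICMP (1), length 60)
192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 837, length 40
12:50:29.849687 AF IPv4 (2), length 64: (tos 0x0, ttl 127, id 52397, offset 0, flags [none], proto ICMP (1), length 60)
192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 838, length 40
"""
WAN_CAPTURE = """\
12:57:21.703462 00:90:27:fe:2e:0a > 00:0d:b9:3f:90:19, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 126, id 52407, offset 0, flags [none], proto ICMP (1), length 60)
192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 852, length 40
12:57:26.354229 00:90:27:fe:2e:0a > 00:0d:b9:3f:90:19, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 126, id 52408, offset 0, flags [none], proto ICMP (1), length 60)
192.168.140.10 > 192.168.88.5: ICMP echo request, id 1, seq 853, length 40
"""

if __name__ == "__main__":
    for name, text in (("OpenVPN", OVPN_CAPTURE), ("WAN", WAN_CAPTURE)):
        print(name, unanswered_pings(text))
```

On these sample lines it reports every echo request as unanswered, with TTL 127 on the OpenVPN interface and 126 on WAN.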
      • Rico LAYER 8 Rebel Alliance

        I don't understand what you are doing there to be honest.
        Maybe it's just me....the confusion already starts in your first sentence "Public Firewall LAN". 😌
        Can you rephrase your question, show a bit more about your config and sketch up the network layout?

        -Rico

        • azmodeuz @Rico

          @Rico Thank you for noticing my post.

          This is my layout
          The pfSense2 is my Public Firewall or gateway.

          INTERNET == pfSense1 (Client) --- LAN B (192.168.140.0/24) --- PC B (192.168.140.10)
          ||
          pfSense2 (Gateway) --- DMZ net (192.168.88.0/24) --- pfSense3 (Server) --- LAN (192.168.8.0/24)

          LAN B and LAN A can communicate properly except that I am unable to push DNS to LAN B pfSense3 which is both the DNS and OpenVPN server. PC B can ping pfSense3 LAN 192.168.8.1 and WAN 192.168.88.7 but I cannot ping pfSense2 LAN 192.168.88.5.
