Can't get OpenVPN roadwarrior traffic to pass over existing IPSEC site-to-site VPN
-
Let me start with a basic network overview. We have an existing site-to-site IPSEC tunnel between pfsense at the top office and Watchguard at the bottom office. 192.168.1.0 <-> 192.168.251.0
Remote staff connect to the pfsense office via OpenVPN. 172.16.0.0 <-> 192.168.1.0
I can't seem to get the 172.16.0.0 range to access 192.168.251.0 range. In the OpenVPN settings I've allowed the 192.168.251.0 range. Screenshot here
I've created a second P2 on the pfsense as well as on the Watchguard. This has been added to the existing Watchguard firewall rule that contains our other existing site to site allowed networks.
On the pfsense we're allowing all for the ipsec firewall and openvpn firewall rules.
I've read everything that I can find and thought I'd now reach out here for suggestions. Hopefully it's something simple I've missed.
Thanks in advance!
-
This might sound crazy but, in your OpenVPN settings under IPv4 Local network(s), there is a space between the comma and the 192.168.251.0/24. I would remove that space. I don't know if it will help, but the instructions do read "comma-separated" - no mention of spaces. Otherwise I don't see anything wrong with your setup, and I do have a similar setup here which works fine (the other end of my IPSec tunnel is an Azure VNet).
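
As an added example (not code from either poster, and not a pfSense or WatchGuard tool), the sketch below checks the two things this thread turns on: whether the comma-separated "IPv4 Local network(s)" value has entries with stray whitespace, and whether every network pushed to OpenVPN clients is matched by a Phase 2 selector that is mirrored on the peer. The function names, the /24 masks on 172.16.0.0 and 192.168.1.0, and the exact-mirror requirement are assumptions.

```python
import ipaddress

def parse_networks(field):
    """Split a comma-separated CIDR list; also return entries that carry stray whitespace."""
    nets, padded = [], []
    for raw in field.split(","):
        if raw != raw.strip():
            padded.append(raw)
        if raw.strip():
            nets.append(ipaddress.ip_network(raw.strip()))
    return nets, padded

def _norm(entries):
    return {(ipaddress.ip_network(a), ipaddress.ip_network(b)) for a, b in entries}

def uncovered_pairs(tunnel_net, pushed, local_lan, p2_entries):
    """Return (source, destination) pairs that no Phase 2 selector covers."""
    src, lan = ipaddress.ip_network(tunnel_net), ipaddress.ip_network(local_lan)
    missing = []
    for dst in pushed:
        if dst.subnet_of(lan):
            continue  # reached directly behind the OpenVPN server, no IPsec involved
        if not any(src.subnet_of(l) and dst.subnet_of(r) for l, r in _norm(p2_entries)):
            missing.append((str(src), str(dst)))
    return missing

def mirrored(local_p2, peer_p2):
    """True when the peer's selectors are the local ones with local/remote swapped."""
    return _norm(local_p2) == {(b, a) for a, b in _norm(peer_p2)}

# Constructed sample values; the /24 masks on 172.16.0.0 and 192.168.1.0 are assumptions.
LOCAL_NETWORKS_FIELD = "192.168.1.0/24, 192.168.251.0/24"
TUNNEL_NET, LOCAL_LAN = "172.16.0.0/24", "192.168.1.0/24"
P2_LOCAL = [("192.168.1.0/24", "192.168.251.0/24"), ("172.16.0.0/24", "192.168.251.0/24")]
P2_PEER = [("192.168.251.0/24", "192.168.1.0/24"), ("192.168.251.0/24", "172.16.0.0/24")]

if __name__ == "__main__":
    nets, padded = parse_networks(LOCAL_NETWORKS_FIELD)
    print("entries with stray whitespace:", padded)
    print("uncovered with one P2:", uncovered_pairs(TUNNEL_NET, nets, LOCAL_LAN, P2_LOCAL[:1]))
    print("uncovered with both P2s:", uncovered_pairs(TUNNEL_NET, nets, LOCAL_LAN, P2_LOCAL))
    print("peer selectors mirrored:", mirrored(P2_LOCAL, P2_PEER))
```

The script only compares the values typed into it; it does not read either firewall's configuration.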