LAN to LAN routing via VPN not working
-
Hi,
I have the following layout....
LAN 1 --- OVPN Client --- OVPN Cloud Server --- OVPN Client --- LAN 2
10.0.0.0 -- 10.0.0.254------------------------------- 10.0.1.254 ---- 10.0.1.0
On my old (TP link) routers running standard firmware, I had static routes to point 10.0.1.0/24 to 10.0.0.254, for example. All worked fine and as expected; I can RDP, traceroute etc. between LANs.
On LAN 1 the router has gone pop, so I decided to venture into pfSense (I've been using DD-WRT for years) and set up a virtual appliance. All normal traffic is fine. I added a static route to the OVPN client to route 10.0.1.0 via 10.0.0.254, but it doesn't work. I can tracert to the OVPN client at the far end, 10.0.1.254, and from the pfSense GUI I can do a traceroute to any machine on LAN 2, but I can't route traffic between machines on the different LANs. It was all working fine with the old routers; it's something I'm missing in the config on pfSense.
Help!
Simon
-
@Mavhack Probably Outbound NAT. For VPN you have to configure it manually in pfSense. Also look at your rules.
-
The OVPN client is a separate VM. So not sure why the firewall and outbound NAT would interfere with it.
-
Don't set any routes manually for OpenVPN traffic, use the IPv4 Remote network(s) box to tell your Client instance about the networks to reach via this tunnel.
Or push it from the server to Clients, but never manually!
-Rico
-
OpenVPN is on a separate box, so I'm pushing the traffic to that box from pfSense for the remote network.
-
So you are just skipping parts when showing us your layout?
Yeah, ICMP working but not TCP, for example, sounds like asymmetrical routing. Hard to tell when only knowing a few small pieces of your network and configuration.
-Rico