OpenVpn Routing
-
Hi,
please help me.
I have this kind of configuration: pfSense with LAN interface 172.31.1.81/16, WAN and OPT1 172.30.198.0/24 interface.
I have to configure a VPN between the pfSense OPT1 net and a remote Gl-Inet 4G router where the internal LAN is 192.168.8.0/24.
I configured an OpenVPN server in this way:
Exported the configuration, the VPN is up and running,
but from OPT1 I can't ping or traceroute the remote IPs 192.168.8.0/24, but I can do the reverse thing, from 192.168.8.0 I can ping 172.30.198.0.....
It seems that pfSense doesn't have a route to 192.168.8.0... So I put a static:
but nothing has changed... What is wrong? Where are my issues?
Thanks a lot for your answers
Dario
-
Don't use public IP ranges for a VPN tunnel network! Also for a site-2-site a /30 mask will be sufficient.
Don't use static routes with VPN gateways! The route is set by OpenVPN.
Possibly the remote router blocks access from your OPT1.
-
Why are you using 223.0.0.0 /25? You should be using something from RFC 1918. Also, you don't need a /25, unless you have several clients. If it's just a single client at the other end, a /30 can be used or even /31, though that may cause problems for Windows.
-
-
Yes, though, as I mentioned, it might cause problems with Windows. The original thought behind a /30 was you needed 2 addresses for the end points and 1 each for broadcast and network, but neither of the latter is needed for a point to point link.
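The addressing advice in the replies above can be checked before the tunnel is built. The following is an added example, not part of the original thread or of pfSense: the function names are hypothetical, the routed networks are the ones from the question, and 10.99.0.0/30 is a constructed replacement value.

```python
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Networks from the question; interface addresses are reduced to their network.
SITES = {"pfSense LAN": "172.31.1.81/16",
         "pfSense OPT1": "172.30.198.0/24",
         "remote LAN": "192.168.8.0/24"}

def usable_endpoints(net):
    # /31 and /32 have no network/broadcast address to subtract.
    return net.num_addresses if net.prefixlen >= 31 else net.num_addresses - 2

def check_tunnel(tunnel, routed, endpoints=2):
    """Return a list of findings for a site-to-site tunnel network."""
    tun = ipaddress.ip_network(tunnel, strict=True)
    nets = {n: ipaddress.ip_interface(c).network for n, c in routed.items()}
    findings = []
    if not any(tun.subnet_of(block) for block in RFC1918):
        findings.append(f"tunnel network {tun} is outside RFC 1918")
    for name, net in nets.items():
        if tun.overlaps(net):
            findings.append(f"tunnel network {tun} overlaps {name} ({net})")
    # Routed networks on both ends must also be distinct from each other.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            findings.append(f"{a} ({na}) overlaps {b} ({nb})")
    if usable_endpoints(tun) < endpoints:
        findings.append(f"{tun} is too small for {endpoints} endpoints")
    elif endpoints == 2 and tun.prefixlen < 30:
        findings.append(f"{tun} is larger than a single-client link needs; "
                        "a /30 is sufficient")
    if tun.prefixlen == 31:
        findings.append("/31 may cause problems for Windows clients")
    return findings

if __name__ == "__main__":
    for candidate in ("223.0.0.0/25", "10.99.0.0/30"):  # second one is constructed
        print(candidate, check_tunnel(candidate, SITES) or "ok")
```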