    Openvpn works only with first lan

      mgiammarco

      Hello,

      I have a setup with pfsense running as an openvpn client to an external server.

      It works very well: pfsense servers on lan can see remote servers.

      Now I have added several VLANs (opt1, opt2, etc.) to pfsense, but the PCs on these subnets cannot see remote servers: their gateway (pfsense) routes the data to the internet and not to openvpn.

      It seems that only pfsense lan gateway has the right routing table.

      What can I do?

      Thanks in advance for any help.

      Mario

        GruensFroeschli

        What do your firewall rules on the OPTx interfaces look like?
        Did you create routes for the additional subnets on the remote site? (with the route command in the custom options).

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          mgiammarco

          @GruensFroeschli:

          What do your firewall rules on the OPTx interfaces look like?
          Did you create routes for the additional subnets on the remote site? (with the route command in the custom options).

          Yes, I have tried with routes and also with static routes. But the problem is that the firewall rules on lan are the same as on opt1: lan works, opt1 does not work.

            GruensFroeschli

            The problem isn't with the firewall rules on the local side.
            The problem lies with the routes on the remote site.

            What is on the remote side?
            You need to add routes on the remote site! Not on the local pfSense.

              mgiammarco

              Sigh, you are right, my fault: a wrong subnet mask did not allow new routes.

              Thank you!

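The thread ends with the cause being a wrong subnet mask in the routes on the remote side. As an added example (not posted by anyone in the thread), this Python script validates `route`/`iroute` lines and reports which local subnets they leave uncovered. It assumes the remote side is an OpenVPN configuration; every address and both helper names are constructed for illustration.

```python
import ipaddress

# Constructed sample: route lines as they might appear on the remote OpenVPN
# side. All addresses are made up; the thread does not give the real ones.
SAMPLE_REMOTE_CONFIG = """\
route 192.168.1.0 255.255.255.0
route 192.168.10.0 255.255.0.0
route 192.168.20.0 255.255.255.128
"""

# Constructed local subnets behind pfSense (LAN, OPT1, OPT2).
LOCAL_SUBNETS = {
    "lan": "192.168.1.0/24",
    "opt1": "192.168.10.0/24",
    "opt2": "192.168.20.0/24",
}


def parse_routes(config_text):
    """Return (valid_networks, errors) for every `route`/`iroute` line."""
    valid, errors = [], []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] not in ("route", "iroute"):
            continue
        # OpenVPN treats a missing netmask as 255.255.255.255 (host route).
        mask = fields[2] if len(fields) > 2 else "255.255.255.255"
        try:
            # strict=True rejects an address with host bits set under the
            # mask; a non-contiguous mask raises ValueError as well.
            valid.append(ipaddress.IPv4Network(f"{fields[1]}/{mask}", strict=True))
        except ValueError as exc:
            errors.append((lineno, line.strip(), str(exc)))
    return valid, errors


def uncovered_subnets(local_subnets, routes):
    """Names of local subnets not fully contained in any valid route."""
    nets = {n: ipaddress.IPv4Network(c) for n, c in local_subnets.items()}
    return [n for n, net in nets.items() if not any(net.subnet_of(r) for r in routes)]


if __name__ == "__main__":
    routes, errors = parse_routes(SAMPLE_REMOTE_CONFIG)
    for lineno, text, why in errors:
        print(f"line {lineno}: {text!r} -> {why}")
    print("not reachable from remote side:", uncovered_subnets(LOCAL_SUBNETS, routes))
```

In the constructed sample, the opt1 route is rejected because its address does not match its mask, and the opt2 route is valid but covers only half of the subnet, so both show up as uncovered while lan passes.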