Not Routing to VPN client from LAN
-
I've been pulling all my hair out trying to figure out what I am missing. I'm setting up a site-to-site OpenVPN.
Site A
VPN Server
LAN ip 192.168.14.0/24
Tunnel IP 10.10.10.1
Site B
VPN Client
LAN ip 192.168.1.0/24
Tunnel IP 10.10.10.2
The VPN Status shows that it is up and connected.
From Site B, if I do a ping from pfSense and change the interface to OpenVPN, I am able to ping the remote tunnel and LAN of Site A. If I change the interface to LAN, I am not able to ping the tunnel or the remote LAN.
I feel this is some kind of routing issue. Site B does not know how to route the traffic from LAN to OpenVPN Client. What did I miss?
boB
-
@mrwildbob
I assume you have entered the respective remote LAN into the "Remote Network/s" field on both sites?
Maybe your remote LAN devices are blocking access from outside their own subnet by their system firewall. That's basically not uncommon, it is the default behavior of network enabled devices.
-
I assume you have entered the respective remote LAN into the "Remote Network/s" field on both sites?
Yes, I have.
Maybe your remote LAN devices are blocking access from outside their own subnet by their system firewall. That's basically not uncommon, it is the default behavior of network enabled devices.
I see what you mean but none of the devices are blocking any other subnets. From Site B, I can ping from the tunnel interface to all the devices on the remote LAN and get responses. All of the devices on the network do not have any local FW enabled. I just can't ping anything from B-LAN to A-LAN. Both pfSense boxes are running the latest stable firmware.
Thanks
bob
-
@mrwildbob
Do the firewall rules on A on the VPN interface allow access from the remote site?
Show the IPv4 routing table from A, please.
From what you described, I assume both VPN endpoints are the default gateway in their respective LANs, right?