Netgate Discussion Forum

    Routing remote access (OVPN) to peer-to-peer (OVPN) subnet

    Routing and Multi WAN
      teppote

      Hi,

      I have issues with routing IP packets from/to OVPN remote access to the OVPN peer-to-peer subnet.
      Network infrastructure: I have Netgate pfSense+ (21.05.1) in two different locations, with subnets .5.x and .10.x. Between those I have a peer-to-peer VPN (OVPN 10.10.1.0).
      Then I have a remote access VPN (OVPN 10.0.10.0) connected to the .5.x subnet.
      Both VPNs are working properly, but when I need to connect to a server (located in the .10.x subnet), it does not work from the remote access VPN (.5.x subnet).

      I tried to set up DNS, gateways, static routes and FW (rules/port forwards) properly, but packets still aren't routed from the remote access VPN to the .10.x subnet....

      After investigating the packet routing, I'm almost 100% sure that packets from remote access are routed to the WAN (.1.1, gateway to out), not to the .10.x subnet. Why?
      Any help to solve this issue?

        viragomann @teppote

        @teppote
        All the routing should be done in OpenVPN. So don't set static routes to VPN endpoints!

        For clarity please provide your true internal networks with mask. There is no need to hide private IPs, since nobody can reach them from outside.

        In your case, if .10.x = 10.0.10.0/24, you will have a conflict with OVPN 10.0.10.0, which would explain the routing problem.

          teppote

          Thanks!
          I'll check the situation according to your advice.
