problem openvpn site to site
-
hello everyone I have already written a post to which there was no answer but it was a bit convoluted, I rephrase the question in a different way
I have various offices connected to the main office via opnevpn site to site so configured
HEADQUARTER 192.168.2.x openvpn server
CLIENT1 192.168.3.x openvpn client 10.0.3.x
CLIENT2 192.168.4.x openvpn client 10.0.4.x
CLIENT3 192.168.111.x openvpn client 10.0.5.xeverything works but I have a problem on CLIENT3 that is:
if from the HEADQUARTER I type the ip of the pfsense server of the remote office, it opens quietly and everything works
I do not understand why if I enter the IP of the CLIENT3 office, pfsenfe of the main OFFICE opens to me, I have checked everything, the offices are all configured in the same way but I do not understand the reason
the only difference is that in the CLIENT3 location pfsense is installed on a vmeware virtual machine, is this the problem? can you give me some advice to solve?thank you
-
So you are trying to open an IP address directly, like 192.168.111.10, and it opens but instead you see a host that is actually in the 192.168.2.X subnet?
Are you actually using the IP address or the host name? Is it just resolving incorrectly?
How are you attempting to connect exactly?
Steve
-
@stephenw10 from the 192.168.2.x side I open the IP 192.168.111.x, which is pfsense but the pfsense of the 192.168.2 network opens and not that of the 192.168.111.x network
-
And you are opening by IP address directly, not hostname? In a browser?
Do you have port forwards in place?
You should not, it should be all routed. But some forwarding or NAT reflection is about the only thing that could do that. You should see the http referer error when the local pfSense opens since you're trying to connect using an IP it doesn't own.
Steve
-
@stephenw10 yes in the browser I write the IP address of pfsense of the remote network but the pfsense of the local network opens
the port forward is not there, the strange thing is that there are other offices configured in the same way and they work, only this office does not work
by chance it could be vmware of the remote network? should something be done on vmware? -
No, hard to see how VMWare could be an issue here.
How do you know it's opening the local pfSense? And if it doesn't show you the referer error did you disable that?
Steve
-
@stephenw10 it is the local pfsense, I know because it has different confuguations from the remote one, he has on opnevpn server instead the remote ones have only opnevpn client, and does not give any error
-
Ok, well the only way the local pfSense can respond to that request is if it has that same IP defined on it for some reason.
Can you connect to anything else in the 192.168.111.0/24 subnet? -
@stephenw10 hi, thanks to your post you made me think to check an interface that I use for the Wifi Guests, and in fact I used them the same subnet, changed that one it is solved now everything works perfectly
A thousand thanks