Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    problem openvpn site to site

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 2 Posters 862 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      miami71it
      last edited by

      hello everyone I have already written a post to which there was no answer but it was a bit convoluted, I rephrase the question in a different way

      I have various offices connected to the main office via opnevpn site to site so configured

      HEADQUARTER 192.168.2.x openvpn server
      CLIENT1 192.168.3.x openvpn client 10.0.3.x
      CLIENT2 192.168.4.x openvpn client 10.0.4.x
      CLIENT3 192.168.111.x openvpn client 10.0.5.x

      everything works but I have a problem on CLIENT3 that is:
      if from the HEADQUARTER I type the ip of the pfsense server of the remote office, it opens quietly and everything works
      I do not understand why if I enter the IP of the CLIENT3 office, pfsenfe of the main OFFICE opens to me, I have checked everything, the offices are all configured in the same way but I do not understand the reason
      the only difference is that in the CLIENT3 location pfsense is installed on a vmeware virtual machine, is this the problem? can you give me some advice to solve?

      thank you

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        So you are trying to open an IP address directly, like 192.168.111.10, and it opens but instead you see a host that is actually in the 192.168.2.X subnet?

        Are you actually using the IP address or the host name? Is it just resolving incorrectly?

        How are you attempting to connect exactly?

        Steve

        M 1 Reply Last reply Reply Quote 0
        • M Offline
          miami71it @stephenw10
          last edited by

          @stephenw10 from the 192.168.2.x side I open the IP 192.168.111.x, which is pfsense but the pfsense of the 192.168.2 network opens and not that of the 192.168.111.x network

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            And you are opening by IP address directly, not hostname? In a browser?

            Do you have port forwards in place?

            You should not, it should be all routed. But some forwarding or NAT reflection is about the only thing that could do that. You should see the http referer error when the local pfSense opens since you're trying to connect using an IP it doesn't own.

            Steve

            M 1 Reply Last reply Reply Quote 0
            • M Offline
              miami71it @stephenw10
              last edited by

              @stephenw10 yes in the browser I write the IP address of pfsense of the remote network but the pfsense of the local network opens
              the port forward is not there, the strange thing is that there are other offices configured in the same way and they work, only this office does not work
              by chance it could be vmware of the remote network? should something be done on vmware?

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                No, hard to see how VMWare could be an issue here.

                How do you know it's opening the local pfSense? And if it doesn't show you the referer error did you disable that?

                Steve

                M 1 Reply Last reply Reply Quote 0
                • M Offline
                  miami71it @stephenw10
                  last edited by

                  @stephenw10 it is the local pfsense, I know because it has different confuguations from the remote one, he has on opnevpn server instead the remote ones have only opnevpn client, and does not give any error

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    Ok, well the only way the local pfSense can respond to that request is if it has that same IP defined on it for some reason.
                    Can you connect to anything else in the 192.168.111.0/24 subnet?

                    M 1 Reply Last reply Reply Quote 0
                    • M Offline
                      miami71it @stephenw10
                      last edited by

                      @stephenw10 hi, thanks to your post you made me think to check an interface that I use for the Wifi Guests, and in fact I used them the same subnet, changed that one it is solved now everything works perfectly
                      A thousand thanks

                      1 Reply Last reply Reply Quote 1
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.