Tunnel VPN not working without CSO?!?!?!
-
Hi community,
I'm missing something ... not the first time I mount a P2P VPN between two pfsense. On one Tunnel, I have to add a CSO on the server to be able ping one network to another. If I disable the CSO, unable to ping remote network from server side and vice-versa.
The only setting in the CSO is the IPv4 Remote Network/s, with that everything working like a charm!!!!
ANyone have an idea??? My setup is basic but I miss something ... I'm not supposed to be obligated to ADD a Client Specific Override for a simple P2P tunnel between 2 sites ?!?!?
Thanks for any sugggestion ... that's not a big deal but I'm curious.
-
@m0l50n
Hi,if it is a real Peer to peer it doesn't need a CSO.
In a P2P you have only two peers, server and client. So for what reason would you need a CSO?Note that a P2P tunnel should have a /30 mask.
-
@viragomann You got it ... I was on a /24 mask!!! I copy my config from my other tunnel but this one is a tunnel with multi sites! By the way, for that tunnel, is it better to have the smallest mask as possible or /24 is ok?
-
@m0l50n
No, for an access server it's ok to have a /24 mask. -
@viragomann Thanks again for you always clear and relevant answers!
Have a good day!