OpenVPN no traversing
-
I have a VPN tunnel set up between a buddy of mine and my firewall.
The connection is good and auto connects every time it gets knocked down.
I'm able to log in to his firewall over the VPN by putting in the address that he received from the VPN connection provided by my firewall.
The problem is I'm unable to traverse the connection.
I'm trying to get into his network and let him into mine but for some reason neither firewall is passing traffic to where it needs to go.
I've read documentation on this issue, watched videos, nothing seems to work.
Network configurations are as follows...
My Net <-> VPN Net <-> His Net
10.10.10.0/24 <-> 10.10.0.0/24 <-> 192.168.1.0/24
My OpenVPN server configuration includes....
IPv4 Tunnel Network 10.10.0.0/24
IPv4 Local Network(s) 10.10.10.0/24, 10.10.73.0/24
His client configuration includes...
IPv4 Tunnel Network 10.10.0.0/24
IPv4 Remote Network(s) 10.10.10.0/24
I also added an OpenVPN gateway under interfaces, an alias with device addresses we'd like to be able to access and a rule on each LAN that indicates the following...
Interface LAN
Address Family IPv4
Protocol Any
Source Any
Destination Single host or alias RemoteVPNRoute
Gateway OpenVPN_GW
I even tried adding a static route under System -> Routing -> Static Routes
Destination network (The remote network) 192.168.1.0/24
Gateway OpenVPN_GW
and it didn't do any good.
I'm at a loss as to why local traffic won't traverse the tunnel.
We're not trying to pass ALL traffic, only the traffic we want through the tunnel so we can access each other's resources.
Any help would be appreciated.
Edit: Oh, I forgot to add that via the ping tool on each firewall I'm able to ping one way but not the other.
From my firewall to his network no ping
From his firewall to my network ping and reply!
Funny thing is I also use the VPN for remote access on my laptop and phone and I can traverse my network just fine, but that's not quite the same configuration since the VPN client is running on the local machine that is traversing the tunnel.
-
@visseroth said in OpenVPN no traversing:
The problem is I'm unable to traverse the connection.
Check the routing. If the VPN connects, but you can't get beyond the firewall, it's a routing issue.
-
@jknott I agree though I'm not quite sure how to correct that problem.
If I check the routes on my firewall for 192.168.1 nothing comes up
but if I check the routes for 10.10.0 there are routes though I'm not sure if they look correct...
-
@visseroth
So is this a peer to peer vpn?
You say you use a vpn for your laptop and phone but it wasn't clear if it's the same vpn.
Either way, you should set up a peer to peer for the houses, and a remote access for the devices.
On the peer to peer, just change from the settings you have, make the tunnel a /30. That'll fix it. No need to add static routes, OpenVPN does that automatically.
If you want to use the one vpn for the house and devices, look up Client Specific Overrides and set them accordingly.
-
@visseroth said in OpenVPN no traversing:
@jknott I agree though I'm not quite sure how to correct that problem.
If I check the routes on my firewall for 192.168.1 nothing comes up
Your network knows how to reach the other end of the VPN, as its network is directly connected to your firewall. You have to create a route for the LAN at the other end via the VPN. Then, any device on your LAN will be able to get to the other LAN, with the default route pointing to your firewall and your firewall will know how to get to the LAN at the other end of the VPN.
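Added example (not part of the thread and not any poster's code): a longest-prefix-match lookup over two routing tables constructed from the networks posted above, showing which far-side LANs each firewall would send out its default route instead of the tunnel. The interface labels (`wan`, `lan`, `ovpn`) and the table contents are assumptions built from the posted settings, not output from either firewall.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return (prefix, interface) used to reach dst."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), i) for p, i in table
            if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    net, iface = max(hits, key=lambda h: h[0].prefixlen)
    return str(net), iface

def missing_tunnel_routes(table, remote_lans, tunnel_if="ovpn"):
    """Remote LANs whose traffic would NOT leave via the tunnel interface."""
    missing = []
    for lan in remote_lans:
        probe = next(ipaddress.ip_network(lan).hosts())  # first host in that LAN
        hit = lookup(table, str(probe))
        if hit is None or hit[1] != tunnel_if:
            missing.append(lan)
    return missing

# Constructed table for the server-side firewall: default route, its own LAN,
# and the tunnel network. No entry for 192.168.1.0/24, as reported in the thread.
SERVER_FW = [
    ("0.0.0.0/0", "wan"),
    ("10.10.10.0/24", "lan"),
    ("10.10.0.0/24", "ovpn"),
]

# Constructed table for the client-side firewall: its "IPv4 Remote Network(s)"
# setting lists 10.10.10.0/24 only, so that is the only far-side route.
CLIENT_FW = [
    ("0.0.0.0/0", "wan"),
    ("192.168.1.0/24", "lan"),
    ("10.10.0.0/24", "ovpn"),
    ("10.10.10.0/24", "ovpn"),
]

if __name__ == "__main__":
    # Server side: traffic for the far LAN falls through to the default
    # route, i.e. it leaves via the WAN untunnelled.
    print(lookup(SERVER_FW, "192.168.1.1"))
    print(missing_tunnel_routes(SERVER_FW, ["192.168.1.0/24"]))
    # Client side: 10.10.10.0/24 is routed, 10.10.73.0/24 is not.
    print(missing_tunnel_routes(CLIENT_FW, ["10.10.10.0/24", "10.10.73.0/24"]))
    # With a far-LAN route via the tunnel, nothing is missing any more.
    fixed = SERVER_FW + [("192.168.1.0/24", "ovpn")]
    print(missing_tunnel_routes(fixed, ["192.168.1.0/24"]))
```

The same check can be run against real route output by replacing the two constructed tables with the prefixes and interfaces each firewall actually reports.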