Netgate Discussion Forum

    tunnel is up but cannot route traffic from client to remote client

      Zeno

      Hi all,

      I'm getting a huge headache from a problem that I didn't expect. I'll try to describe it:
      I have a pfSense virtual appliance (MYPFSENSE) and I used a working ovpn configuration file to connect it as a client to another pfSense (SERVERPFSENSE) (and I have no kind of control over it).
      I used the "openvpn-client-import" package to import it: it worked very well and in status->openvpn I can get a "client instance statistics" green marked.. it's also reporting bytes sent and received! So far so good.

      The imported ovpn file contains the no-pool option and a set of specific IPs. To be sure that these IPs get correctly parsed, I checked in diagnostics/routes... and I can see all the IPs there, correctly configured!

      Further, from my pfSense bash, I tried to ping and traceroute one of these IPs and it responds to ping quickly, very stable; all seems normal here.

      Later, I moved the test to my machine, a client on the LAN interface of the pfSense. Pinging the previously working IP here, I get a request timeout. Also, traceroute from my machine shows me that packets get sent to the LAN interface of my pfSense, but after that I get a huge series of stars ... it seems not to be routed to the correct path.

      I'm a seasoned user, but this time I need a hand because I can't figure it out!

      Thanks in advance for the help, community!

        viragomann @Zeno

        @Zeno
        I assume that the pfSense is the default gateway on the client?

        Is the OpenVPN client connected properly?

        Can you ping the remote IPs from pfSense itself?

          Zeno @viragomann

          @viragomann

          > I assume that the pfSense is the default gateway on the client?

          Yes, the client is my machine, and it's located in the LAN subnet of MYPFSENSE.

          > Is the OpenVPN client connected properly?

          In status->openvpn I can get a report about the connection to the remote PFSENSE and its status is connected, with packets flowing back and forth.

          > Can you ping the remote IPs from pfSense itself?

          Yes, from pfSense bash I can ping the remote pfSense and also all the single IPs in the remote subnet.

            viragomann @Zeno

            @Zeno
            Possibly the remote site blocks access from your LAN.

            If so, you can masquerade the packets with the pfSense IP by adding an outbound NAT rule to the VPN interface.

              Zeno @viragomann

              @viragomann you rock man! Thank you for pointing me to the solution! It's working as expected now!

              ciao!
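
Added example, not part of the thread: a small model of why pings from pfSense itself succeed while LAN clients time out, and what the suggested outbound NAT rule on the VPN interface changes. All addresses, and the assumption that the remote side only accepts sources from the tunnel network, are constructed; the thread gives no addressing.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing (assumptions; the thread gives none).
LAN_NET = ipaddress.ip_network("192.168.10.0/24")   # LAN behind MYPFSENSE
TUNNEL_IP = ipaddress.ip_address("10.8.0.6")        # MYPFSENSE's OpenVPN client address
# Sources the remote side is assumed to accept: only the tunnel network.
REMOTE_ACCEPTS = [ipaddress.ip_network("10.8.0.0/24")]


@dataclass(frozen=True)
class OutboundNat:
    """One outbound NAT rule on the VPN interface (first match wins)."""
    source: ipaddress.IPv4Network
    translate_to: ipaddress.IPv4Address


def egress_source(src, rules):
    """Source address a packet carries when it leaves through the tunnel."""
    addr = ipaddress.ip_address(src)
    for rule in rules:
        if addr in rule.source:
            return rule.translate_to
    return addr


def remote_answers(src, rules):
    """True if the remote side accepts the source address it sees."""
    seen = egress_source(src, rules)
    return any(seen in net for net in REMOTE_ACCEPTS)


def audit(sources, rules):
    """Map each original source to (address seen remotely, reachable?)."""
    return {s: (str(egress_source(s, rules)), remote_answers(s, rules))
            for s in sources}


if __name__ == "__main__":
    hosts = ["10.8.0.6", "192.168.10.50"]   # pfSense itself, then a LAN client
    masquerade = [OutboundNat(LAN_NET, TUNNEL_IP)]
    for label, rules in (("no NAT", []), ("outbound NAT", masquerade)):
        for src, (seen, ok) in audit(hosts, rules).items():
            print(f"{label:13} {src:15} seen as {seen:10} reply={ok}")
```

With the rule in place every LAN host appears to the remote side as the tunnel address, so remote logs can no longer distinguish individual LAN clients.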
