VPN Configuration Issue: Accessing Site B from User Authentication VPN in OpenVPN
-
I'm facing an issue with my VPN configuration. In my pfSense, I have two servers: one configured for user authentication and another for point-to-point connection. From the local networks of sites A and B, I can access resources in both directions without any problems. However, when connecting from the user authentication VPN, I can only access resources from Site A but not from Site B. How can I resolve this?
I tried entering the statement push "route 192.168.20.0 255.255.255.0" on the user access remote server, but it didn't work.
Configuration:
Site A:
LAN: 192.168.10.1/24
OpenVPN Server (User Remote): 10.0.8.0/24
OpenVPN Server (Point-to-Point): 10.100.0.0/30
Firewall LAN and OpenVPN: Any
Site B:
LAN: 192.168.20.1
Firewall LAN and OpenVPN: Any
I have selected the option 'Allow communication between clients connected to this server' on both servers, and I have also enabled 'Force all client-generated IPv4 traffic through the tunnel' on the User Remote server.
I appreciate any help or suggestions to solve this issue. Thank you!
-
@Breixo said in VPN Configuration Issue: Accessing Site B from User Authentication VPN in OpenVPN:
I tried entering the statement push "route 192.168.20.0 255.255.255.0" on the user access remote server
The pfSense GUI provides the "Local Network/s" field for this.
So this box should look like this in your setup: 192.168.10.0/24,192.168.20.0/24
This pushes the routes for both LANs to the clients. However, you also need to let site B know how to route the clients' tunnel pool.
This is done by adding the access server tunnel network 10.0.8.0/24 to the "Remote Networks". If you push the routes from the server, you can also add it to the "Local Network" in the site-to-site config at A.
-
@viragomann said in VPN Configuration Issue: Accessing Site B from User Authentication VPN in OpenVPN:
The pfSense GUI provides the "Local Network/s" field for this.
So this box should look like this in your setup: 192.168.10.0/24,192.168.20.0/24
This pushes the routes for both LANs to the clients. However, you also need to let site B know how to route the clients' tunnel pool.
This is done by adding the access server tunnel network 10.0.8.0/24 to the "Remote Networks". If you push the routes from the server, you can also add it to the "Local Network" in the site-to-site config at A.
@viragomann Success! Thank you so much!