Route to remote gateway connected via OpenVPN
Hi all,
I'm trying to route a subnet to another firewall (UniFi console) on the OpenVPN interface. I have the connection set up with the OpenVPN client and can ping the pfSense LAN from UniFi. The UniFi Express gets an IP from the pfSense's VPN (10.94.64.2), and all traffic out to the internet and to the pfSense LAN is OK.
pfSense LAN: 10.90.30.1
UniFi LAN: 10.94.30.1
VPN tunnel: 10.90.64.1
I think this is a UniFi firewall issue, but I've not been able to capture the packets on this interface. The packets seem to leave the pfSense VPN gateway interface OK.
I've set up a gateway and static route on the pfSense box pointing to 10.94.64.2, and the packet capture shows the pings going over the VPN, so I assume the UniFi box isn't responding. I know this is working correctly because if I change my static route to the WAN IP of the Express and open the firewall, the packets flow happily. Any help greatly appreciated, I think I must be missing something! Is there a limitation somewhere with doing this over the OpenVPN interface? The VPN type is remote access, as UniFi doesn't support peer to peer.
Also, to note, the remote site is behind NAT and has a dynamic IP, so IPsec isn't suitable, and neither is WireGuard, as unfortunately I cannot forward the ports to the Express.
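An added configuration example, not part of the original post. In OpenVPN's multi-client (remote access, tun) server mode, a kernel route or a pfSense static route toward a connected client's tunnel address is not enough on its own: the server keeps an internal routing table and will drop packets for a subnet behind a client unless an `iroute` for that client tells it which session owns the subnet. In pfSense this is the Remote Network(s) field on the OpenVPN server plus the same network in a Client Specific Override matched to the client's certificate CN. The raw server-config equivalent below assumes a /24 mask for the UniFi LAN (the post only gives the address 10.94.30.1), a tunnel network of 10.94.64.0/24 taken from the client address in the post, and a client certificate CN of `unifi-express`, which is a placeholder.

```conf
# --- pfSense OpenVPN server config (added example, assumed values) ---
# Tunnel network: assumed /24 from the client address 10.94.64.2 in the post
server 10.94.64.0 255.255.255.0

# Kernel route on the server: send 10.94.30.0/24 into the tunnel interface.
# Mask is an assumption; the post only lists the UniFi LAN address 10.94.30.1.
route 10.94.30.0 255.255.255.0

# Per-client overrides live in this directory, one file per certificate CN.
client-config-dir ccd

# Optional: push the pfSense LAN to the client so it routes 10.90.30.0/24 back
# through the tunnel (mask assumed; the post lists only 10.90.30.1).
push "route 10.90.30.0 255.255.255.0"

# --- ccd/unifi-express (file named after the client cert CN; CN is a placeholder) ---
# Internal route: tells the OpenVPN server that THIS client owns 10.94.30.0/24.
# Without this line the server logs the packet as unroutable and drops it,
# even though the kernel route above sends it to the tun interface.
iroute 10.94.30.0 255.255.255.0
```

With both lines in place the pfSense static route and extra gateway toward 10.94.64.2 are unnecessary; removing them avoids a second, competing route to the same subnet. A quick check on the server side is to watch the OpenVPN log while pinging 10.94.30.1: the absence of `MULTI: bad source address` or "unroutable" messages confirms the server now accepts the subnet for that session, after which any remaining drop is on the UniFi firewall as the post suspects.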