Site To Site ssl/tls
-
Hello. Currently running 2.7, with 4 active site to site BOVPNs on OpenVPN SSL shared key and I am looking to upgrade those connections to SSL/TLS shared key, as the former has been deprecated. I have followed the few videos and the documentation, the test tunnel says it's up at both ends, but A. there's no traffic,
B. the server and the client virtual IPs are both reading 10.1.10.2 if the tunnel CIDR is 10.0.10.0/24.
I have tried either end being the server, same results.
Has anyone come across this before? -
I used this article very successfully with my transition from Shared Key to TLS.
Look at your routing tables to ensure all the routes were auto-created
Status-OpenVPN - Click Show Routes - this shows the VLAN to Public IP routes
Diagnostics-Routes - this shows all the routes - should have your remote sites (example: 192.168.1.0/24) mapped to the destination IP of your VLAN - example, you set up the Tunnel network as 10.10.9.0/24, and the remote site connected as 10.10.9.2. This means the host (server) is 10.10.9.1. The route should show Destination=192.168.11.0/24 Gateway=10.10.9.2. On your client the route would be, if the host network is 10.10.10.0/24: Destination=10.10.10.0/24 Gateway=10.10.9.1.
You may need to restart the host server to get the routes updated - I did.
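The checks described in this thread, written as an added example that is not part of either post: it confirms both virtual IPs sit inside the tunnel network, that they differ, and that each remote LAN is routed via the peer's tunnel address. The routing table text, interface names and the function names `parse_routes` and `check_tunnel` are constructed for illustration.

```python
import ipaddress

# Constructed sample of a server-side routing table (not real output).
SAMPLE_ROUTES = """\
Destination        Gateway            Flags   Netif
default            203.0.113.1        UGS     igb0
10.10.9.0/24       link#9             U       ovpns1
10.10.9.1          link#9             UHS     lo0
192.168.11.0/24    10.10.9.2          UGS     ovpns1
"""

def parse_routes(text):
    """Map destination network -> gateway IP, skipping rows without an IP gateway."""
    routes = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            dest = ipaddress.ip_network(fields[0], strict=False)
            gateway = ipaddress.ip_address(fields[1])
        except ValueError:
            continue  # header row, "default", or a link#N gateway
        routes[dest] = gateway
    return routes

def check_tunnel(tunnel_cidr, local_vip, peer_vip, remote_lans, route_text):
    """Return a list of problems; an empty list means every check passed."""
    tunnel = ipaddress.ip_network(tunnel_cidr)
    local, peer = ipaddress.ip_address(local_vip), ipaddress.ip_address(peer_vip)
    problems = []
    for name, vip in (("local", local), ("peer", peer)):
        if vip not in tunnel:
            problems.append(f"{name} virtual IP {vip} is outside tunnel network {tunnel}")
    if local == peer:
        problems.append(f"both ends report the same virtual IP {local}")
    routes = parse_routes(route_text)
    for lan in remote_lans:
        net = ipaddress.ip_network(lan)
        gateway = routes.get(net)
        if gateway is None:
            problems.append(f"no route to {net}")
        elif gateway != peer:
            problems.append(f"route to {net} uses gateway {gateway}, expected {peer}")
    return problems

if __name__ == "__main__":
    print(check_tunnel("10.10.9.0/24", "10.10.9.1", "10.10.9.2", ["192.168.11.0/24"], SAMPLE_ROUTES))
```

Run against the values from the first post (tunnel 10.0.10.0/24, both ends 10.1.10.2), it reports both addresses as outside the tunnel network and identical.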