Remote server unreachable over Site-to-Site VPN
-
Dear All,
We have configured a site-to-site VPN between two sites using pfSense. The LAN servers on one side have IP addresses in the 172.16.1.x range, and the LAN servers on the other side have IP addresses in the 192.168.1.x range. The IPSec VPN tunnel is working fine, and the servers in the 172.16.1.x network zone are able to access the servers in the 192.168.1.x network zone. But the reverse is not working, meaning that from 192.168.1.x, the 172.16.1.x network zone servers are unreachable. Also, we observed that the 172.16.1.x servers are reachable only from the pfSense firewall which is present in the 192.168.1.x zone. We need your help with this issue.
-
@Tirthankar
Are you missing a proper pass rule on the IPSec interface on 172.16.1.x?
-
@viragomann
Our firewall rule is defined as follows.
Action = Pass
Interface = IPSec
Address Family = IPv4
Protocol = Any
Source (Network) = 172.16.1.0/24
Destination = Any
-
@Tirthankar
You need to allow access from the remote site here, so from 192.168.1.0/24.
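
The point made in the last reply, as an added example that is not part of the thread or of pfSense itself: a simplified Python model of how rules on the IPsec tab are applied to packets arriving from the tunnel (first match wins, no match means block, replies to locally opened flows pass on state). The host addresses, class and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    action: str       # "pass" or "block"
    source: str       # CIDR or "any"
    destination: str  # CIDR or "any"

def _in(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

@dataclass
class IpsecTab:
    """Simplified model of the IPsec tab on the 172.16.1.x firewall:
    its rules filter packets that arrive from the tunnel."""
    rules: list
    states: set = field(default_factory=set)  # flows opened from the local LAN

    def lan_opens(self, src, dst):
        # A connection started by a local host creates a state, so its
        # replies come back without consulting the IPsec tab rules.
        self.states.add((src, dst))

    def from_tunnel(self, src, dst):
        if (dst, src) in self.states:        # reply to a locally opened flow
            return "pass (state)"
        for r in self.rules:                 # first match wins
            if _in(r.source, src) and _in(r.destination, dst):
                return r.action
        return "block"                       # nothing matched: default deny

# Constructed sample hosts, one in each LAN named in the thread.
HOST_A, HOST_B = "172.16.1.10", "192.168.1.20"

def demo():
    posted = IpsecTab([Rule("pass", "172.16.1.0/24", "any")])  # rule as posted
    fixed = IpsecTab([Rule("pass", "192.168.1.0/24", "any")])  # remote LAN as source
    results = {
        "posted_new_from_remote": posted.from_tunnel(HOST_B, HOST_A),
        "fixed_new_from_remote": fixed.from_tunnel(HOST_B, HOST_A),
    }
    posted.lan_opens(HOST_A, HOST_B)         # a 172.16.1.x host connects out first
    results["posted_reply_from_remote"] = posted.from_tunnel(HOST_B, HOST_A)
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

With the posted rule, a new connection from 192.168.1.x never matches because its source is not in 172.16.1.0/24, while replies to connections opened from 172.16.1.x still pass on state, so traffic flows in one direction only.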