Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Site to Site Open VPN connected but not working

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 149 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gb_factory
      last edited by

      Hello,
      in our network we have a pfSense router in the main building running Open VPN server and two other buildings, each with another pfSense box running two Open VPN client connected to the main server. The first separate building works fine, the new separate building just added doesn't, and the configuration has been copied from the other vpn client that works!
      We checked everything... the vpn shows as up and running, and from the client we can ping the server ip from the openvpn interface, but not from the lan interface nor we can ping we client from the server.

      LAN rules on the main pfSense box at our main building:
      2630c7e6-f2ae-422c-a1bc-b55970dd7245-image.png
      Note: on the alias "Reti_..." we have the two networks of the two buildings with the vpn client, as said, the first building works!

      Open VPN rules at main building:
      e9d4fa2b-4116-4c61-8fcb-8c79e76937a1-image.png

      Satellite buildings LAN rules:
      5218c511-cdc9-42aa-9d6a-9a32b1c14833-image.png
      The blackedout aliases allow traffit to main building networks

      Satellite buildings Open Vpn rules:
      same as main building

      I don't know what to add... everything is the same and building1 works but building2 doesn't, we are really at a loss, thanks for anyone that can provide support!

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @gb_factory
        last edited by

        @gb_factory said in Site to Site Open VPN connected but not working:

        Note: on the alias "Reti_..." we have the two networks of the two buildings with the vpn client

        You need to allow access to client sides LAN.

        What are the local networks on main and the branches?

        Show the OpenVPN server and client settings and the CSOs.

        Are the CSOs applied properly? Check the server log to ensure.

        G 1 Reply Last reply Reply Quote 0
        • G
          gb_factory @viragomann
          last edited by

          @viragomann Thank you for mentioning CSOs, I was missing the CSO for the new building thus the VPN connection wasn't working properly. I cloned the existing one and everything works fine.
          Thanks and have a nice day!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.