PfSense site-to-site PKI: can ping to one site, not the other
-
Here is my setup:
stock pfSense v1.2.3 (both sides)
Office:
OpenVPN Server configured using PSK
LAN: 192.168.16.0/24
VPN: 10.21.11.0/24
Home Office:
OpenVPN Client configured using PSK
LAN: 10.111.10.0/24
I can connect successfully and ping 192.168.16.0/24 from the Home Office, but not the other way around. No clues appear in the OpenVPN logs or Firewall logs.
I see what I believe to be the proper routes via "netstat -rn" on both sides. The weird thing is from the Office side, I can't ping any of the VPN IPs which I would assume I should be able to.
What am I missing?
-
Have you tried following some of the stickies in this forum such as http://forum.pfsense.org/index.php/topic,12888.0.html ?
-
This was solved on IRC, I believe. He switched to using a real PKI setup (not shared key/PSK), and adding route/iroute statements as needed, and it started to work.
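
Added example, not part of the thread: a sketch of the route/iroute statements for this topology on a PKI-mode OpenVPN server, using the subnets from the first post. The certificate file names, the client-config-dir path and the client certificate common name `home-office` are assumptions.

```conf
# ---- Office side: OpenVPN server configuration (constructed example) ----
# PKI mode replaces the single shared "secret" key with per-peer certificates.
ca   ca.crt              # placeholder file names
cert office-server.crt
key  office-server.key
dh   dh.pem

# Tunnel network from the post; "server" puts OpenVPN in multi-client mode.
server 10.21.11.0 255.255.255.0

# Kernel route on the office firewall: send Home Office LAN traffic
# into the OpenVPN tunnel interface.
route 10.111.10.0 255.255.255.0

# Tell the connecting client how to reach the Office LAN.
push "route 192.168.16.0 255.255.255.0"

# Directory holding one file per client, named after the client
# certificate's common name (hypothetical path).
client-config-dir /var/etc/openvpn-ccd

# ---- File /var/etc/openvpn-ccd/home-office (hypothetical common name) ----
# Internal route: tells the OpenVPN server which connected client owns
# 10.111.10.0/24. In multi-client mode, "route" alone gets packets to the
# OpenVPN process, but without this "iroute" they are dropped there.
iroute 10.111.10.0 255.255.255.0
```

The `route` and `iroute` lines work as a pair: the first is a kernel routing entry, the second is OpenVPN's own client-to-subnet mapping, and traffic from the Office toward 10.111.10.0/24 needs both.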