Site to Site OpenVPN. Connects, but only halfway…



  • I've set up a shared key OpenVPN peer to peer configuration, and the two sites connect successfully. I can ping from the Server site to the Client site, but I can't ping from the Client site to the Server site. I have the Local and Remote networks configured, and the Tunnel Network is the same on both sides. I'm running the 25-Jan-2011 2.0 snapshot on both firewalls. Both firewalls also have a 1194 Server configuration for remote access, and those work fine on both sites. I've duplicated the WAN 1194 rule for the OpenVPN 1195 port on the Server.

    Can anyone nudge me in the right direction? I can't figure out why I can't ping the Server from the Client, but can do the reverse just fine.



  • nudge: you probably need a static route.  ;)



  • I very much appreciate the nudge!

    Static routes? I thought that's what the local and remote fields were for? If not, where would I place the static route, in the Client configuration in the Advanced field? Would the format be 'route 192.168.10.0 255.255.255.0' (the IP addressing of the other side) like the example above the field illustrates?



  • Usually, if you can ping from one side and not the other, packets must find their way to and back, so most likely not a routing issue. Rather check your firewall settings (pfSense and LAN clients).

    Stefan



  • That's what I thought too… I'll continue fiddling and post back my results.

