Routing two/multiple subnets through tunnel

  • pfsense 1.2.3-RELEASE

    – NICs

    -- tunnel
    Address pool
    Local network

    I have successfully configured OpenVPN for remote client access.
    Remote access to LAN works for all IPs.

    Following that, I wanted to add remote access to LAN_164 IPs. So
    I added 'push "route"' to the global
    config. Here are the remote routes:

    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
                                                    UH      0   0       0    tun0
                                                    UGH     0   0       0    tun0
                                                    UG      0   0       0    tun0
                                                    UG      0   0       0    tun0
                                                    U       0   0       0    eth0
                                                    U       0   0       0    eth0
                                                    UG      0   0       0    eth0

    However, on the remote I still cannot ping any of the IPs on LAN_164.

    On the server/lan side I can access LAN_164 from LAN without trouble. Here are the
    (relevant) routes on the server:

    Destination        Gateway            Flags    Refs      Use  Netif Expire
                       link#4             UC          0        0    em1
                                          UGS         0        0   tun0
                                          UH          1        0   tun0
                       link#2             UC          0        0   fxp1

    I am clearly missing something. Any input would be appreciated. If I have been too brief
    in detail, please let me know.
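    The first thing to verify on the remote side is that the pushed route actually landed in the client's table and that packets for LAN_164 would leave via tun0 rather than the default route. The following is an added example, not code from the thread: it parses Linux `route -n` output (the format shown above) and does a longest-prefix lookup. The route table and subnets in it are constructed placeholders, since the original post's addresses did not survive; 192.168.164.0/24 stands in for LAN_164.

```python
import ipaddress

# Constructed sample of `route -n` on an OpenVPN client (not the thread's real
# table). Placeholders: 10.8.0.0/24 is the tunnel pool, 192.168.1.0/24 the
# first LAN, 192.168.164.0/24 stands in for "LAN_164".
SAMPLE_ROUTE_N = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.8.0.1        10.8.0.5        255.255.255.255 UGH   0      0        0 tun0
192.168.1.0     10.8.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.164.0   10.8.0.5        255.255.255.0   UG    0      0        0 tun0
172.16.5.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         172.16.5.1      0.0.0.0         UG    0      0        0 eth0
"""


def parse_route_n(text):
    """Parse `route -n` style output into (network, gateway, flags, iface) tuples."""
    routes = []
    for line in text.splitlines()[1:]:  # skip the header row
        dest, gw, mask, flags, *_rest, iface = line.split()
        # strict=False so a host route like 10.8.0.5/255.255.255.255 parses too
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append((net, gw, flags, iface))
    return routes


def lookup(routes, ip):
    """Longest-prefix match: return the (network, gateway, iface) used for ip."""
    addr = ipaddress.ip_address(ip)
    best = None
    for net, gw, _flags, iface in routes:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    return best


def route_via_tunnel(routes, ip, tun="tun0"):
    """True if traffic to ip leaves through the VPN interface, not the default route."""
    hit = lookup(routes, ip)
    return hit is not None and hit[2] == tun


if __name__ == "__main__":
    rt = parse_route_n(SAMPLE_ROUTE_N)
    for target in ("192.168.164.20", "192.168.1.20", "8.8.8.8"):
        print(target, "->", lookup(rt, target))
```

If the LAN_164 address resolves to tun0 here, the client side is fine and the problem is on the return path (the LAN_164 hosts' default gateway or a pfSense rule on the OpenVPN interface), which is what the replies below ask about.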

  • Is this a private shared key tunnel?

    If yes: You cannot use pushes with such a setup.
    You need to add normal routes to the config on the server and the client
    (e.g. route

  • The tunnel Auth method is PKI.

  • Do the devices in the 164 range have a default gateway other than the pfSense?
    Do you have the OpenVPN instance assigned as interface?
    If yes, might you have a rule not allowing access?

    The same on the remote side: Might you have a rule not allowing access?
    Do you see anything in the firewall log?
