4. OpenVPN Site to Site

OpenVPN Site to Site

  • R

    Hey everyone,

    I followed the OpenVPN site to site guide to create a tunnel between my 2 pfsense boxes and I see that the client box says the connection is up.  However I cannot ping other hosts through the tunnel.  Any ideas here?

    Thanks
    Ben

    0

  • The normal problem is that you haven't correctly configured the routes. Do all the computers on both sides use the pfSense hosts for their default gateway? If not have you manually configured the appropriate routes?

    0
  • R

    Hi.  Thanks for your reply.

    Yes I have the machines set to use the pfsense boxes as their gateways.  I always have the firewall rules set as state in the document but still no luck.

    Thanks
    Ben

    0

  • What version of pfSense do you have on both sides? What IP ranges are you using for each LAN and for the VPN?

    0
  • R

    2.0-RC2

    Server:  10.0.0.0/24
    Client:    10.0.1.0/24
    Tunnel:  10.0.12.0/24

    Thanks
    Ben

    0

  • You've created firewall rules to allow traffic on the VPN interfaces?

    Can the pfSense hosts ping the other pfSense host, over the VPN?

    0
  • R

    Hey, first thanks again for your help!

    Yes, I have created WAN side rules for port 1194 for UDP (which is what I set the OpenVPNs to use) and also created a * rule on the OpenVPN tab as well on both the client and server.

    No, I cannot ping one pfsense box from the other either.

    Thanks
    Ben

    0

  • Is the OpenVPN tunnel actually up? What do the logs show on each end?

    0
  • G

    @rem2500:

    2.0-RC2

    Server:  10.0.0.0/24
    Client:    10.0.1.0/24
    Tunnel:   10.0.12.0/24

    Thanks
    Ben

    If I remeber it right to make it work you have to make a iroute 10.0.1.0 255.255.255.0 on the server side This command can't be set in the custum options so you have to create a client-specific configuration for you client to put that command in.

    Best of luck

    Ghal

    0
  • R

    Post screenshots of your VPN log and your OpenVPN config from both sides. Do not include your Public Internet IP, domain and Pre-Shared Key.

    0
  • R

    Hey guys,

    Figured it out and as usual, it was just a stupid error on my part.  On the OpenVPN rules tab, I was only allowing all UDP traffic.  Once I allowed all traffic, then all was good.

    Thanks for the help!
    Ben

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy