Netgate Discussion Forum

Cross-client OpenVPN routing issues on pfSense

  • mcgaines
    posted Jun 16, 2011, 3:30 PM, last edited Jun 16, 2011, 3:36 PM

    Hello all,

    I currently have about 15 sites with DD-WRT routers. Each router has its own subnet (i.e. 10.1.1.0/24, 10.1.2.0/24, etc), but I've configured each router as an OpenVPN client so that devices on each subnet can communicate with one another (i.e. 10.1.1.100 can ping 10.1.2.100, and vice-versa). The OpenVPN server is an OpenVPN Access Server hosted in the cloud. This has been working great for months.

    However, I'm now wanting to swap out my DD-WRT boxes for pfSense routers. I've successfully configured pfSense as an OpenVPN client using this post (http://forum.pfsense.org/index.php?topic=24435.0) as a guide, and I can ping out from behind the pfSense router (i.e. 10.1.3.0/24) to all of the other clients without any issues. But when attempting to ping the pfSense router from the other clients/subnets, I cannot see it.

    I had the same issue when initially setting up my DD-WRT routers and fixed it by entering the following script into the startup commands:

    iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

    This script, I think, is the magic that makes it all work, but I don't know how to replicate it on pfSense. To compare, here's my pfSense routing table:

    Destination        Gateway        Flags  Refs  Use   Mtu    Netif
    default            216.xxx.xx.1   UGS    0     1388  1500   vr1
    10.0.0.0/8         172.0.0.1      UGS    0     1154  1500   ovpnc1
    10.1.1.0/24        link#1         U      0     2071  1500   vr0
    10.1.1.1           link#1         UHS    0     0     16384  lo0
    127.0.0.1          link#6         UH     0     47    16384  lo0
    172.0.0.0/8        link#9         U      0     5     1500   ovpnc1
    172.16.1.1         link#9         UHS    0     0     16384  lo0
    192.168.1.0/24     172.0.0.1      UGS    0     0     1500   ovpnc1
    192.168.100.0/24   172.0.0.1      UGS    0     0     1500   ovpnc1
    216.xxx.xx.0/24    link#2         U      0     134   1500   vr1
    216.xxx.xx.67      link#2         UHS    0     0     16384  lo0

    And here's a working DD-WRT routing table:

    Destination LAN  Subnet Mask      Gateway       Interface
    216.xxx.xx.1     255.255.255.255  0.0.0.0       WAN
    192.168.100.0    255.255.255.0    172.0.0.1     tun0
    216.xxx.xx.0     255.255.255.0    0.0.0.0       WAN
    192.168.1.0      255.255.255.0    172.0.0.1     tun0
    10.1.4.0         255.255.255.0    0.0.0.0       LAN & WLAN
    169.254.0.0      255.255.0.0      0.0.0.0       LAN & WLAN
    172.0.0.0        255.0.0.0        0.0.0.0       tun0
    10.0.0.0         255.0.0.0        172.0.0.1     tun0
    0.0.0.0          0.0.0.0          216.xxx.xx.1  WAN

    Any help getting this working in pfSense would be greatly appreciated!

    • mcgaines
      posted Jun 21, 2011, 3:56 PM

      Anyone? If I can provide more information or more clearly state the problem, please let me know.
