Routing client1 --> VPN1 --> PF1 --> VPN2 --> PF2 --> client2
-
I need help with routing:
client1 (RW1) Net D --> VPN1 Net D --> PF1 --> VPN2 Net E --> PF2 --> client2 Net B
Info:
PF1 = PfSense 2.0 local net C
PF2 = PfSense 1.2.3 local network B
RW1 = Roadwarrior assigned network A from PS1
VPN1 = OpenVPN multiple clients Net D
VPN2 = OpenVPN site-to-site Net E
Setup:
This OpenVPN route all traffic is working:
RW1 --> VPN1 --> PF1
client1 (RW1) can ping local-IF Net C at PF1
This OpenVPN site-to-site is working:
PF1 --> VPN2 --> PF2 (Net B)
client 2 can ping local-IF Net C at PF1
Question:
How should I make Client1 (RW1) able to ping Client2?
Client1 (RW1) --> ping --> Client2?
Regards,
Marc
-
It's simply a matter of setting the correct routes on all the involved devices.
Make sure the roadwarriors get pushed all the needed routes.
Make sure the pf2 knows the route to the roadwarrior subnet.
-
Yes, it was simple.
In PF1 I defined the route
net B using GW lan-if-PF1
In PF2 I defined the route
net D using GW lan-if-PF1
And in OpenVPN I pushed net B to the clients.
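The route requirements from the replies above, as an added example that is not part of the thread: a small Python model of the four devices that traces the ping request and the reply hop by hop and shows which missing route breaks which direction. The subnets, host addresses and function names are constructed for illustration, and each gateway is reduced to "next device".

```python
import ipaddress as ip

# Constructed addressing for the thread's placeholder networks (assumptions).
NET_B = ip.ip_network("192.168.2.0/24")  # PF2 LAN, where client2 lives
NET_C = ip.ip_network("192.168.1.0/24")  # PF1 LAN
NET_D = ip.ip_network("10.8.0.0/24")     # VPN1 road-warrior tunnel network
HOSTS = {"rw1": ip.ip_address("10.8.0.6"), "client2": ip.ip_address("192.168.2.50")}

def build_tables(push_b_to_rw=True, pf1_route_b=True, pf2_route_d=True):
    """Per-device routes as (prefix, next device); each flag is one route from the thread."""
    tables = {
        "rw1": [(NET_C, "pf1")],
        "pf1": [(NET_D, "rw1")],
        "pf2": [(NET_B, "client2"), (NET_C, "pf1")],
        "client2": [(ip.ip_network("0.0.0.0/0"), "pf2")],
    }
    if push_b_to_rw:   # OpenVPN pushes net B to the road warriors
        tables["rw1"].append((NET_B, "pf1"))
    if pf1_route_b:    # PF1 reaches net B through the site-to-site tunnel
        tables["pf1"].append((NET_B, "pf2"))
    if pf2_route_d:    # PF2 needs a return route to the road-warrior subnet
        tables["pf2"].append((NET_D, "pf1"))
    return tables

def trace(tables, start, dst, max_hops=8):
    """Forward by longest-prefix match; return (path, delivered)."""
    path, node = [start], start
    while HOSTS.get(node) != dst:
        matches = [(net, hop) for net, hop in tables[node] if dst in net]
        if not matches or len(path) > max_hops:
            return path, False  # dropped at `node`: no route, or a loop
        node = max(matches, key=lambda m: m[0].prefixlen)[1]
        path.append(node)
    return path, True

def ping(tables):
    """A ping succeeds only if both the request and the reply are routable."""
    out, ok_out = trace(tables, "rw1", HOSTS["client2"])
    back, ok_back = trace(tables, "client2", HOSTS["rw1"])
    return ok_out and ok_back, out, back

if __name__ == "__main__":
    for name, kw in [("all routes", {}), ("PF2 lacks net D", {"pf2_route_d": False}),
                     ("net B not pushed", {"push_b_to_rw": False})]:
        print(name, ping(build_tables(**kw)))
```

With PF2's route to net D removed, the request still reaches client2 but the reply stops at PF2, which is the case where a ping "does not work" even though the forward path is complete.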
-
It's not working after an upgrade of PF2 from 1.2.3 to 2.0…
What am I doing wrong?
All the settings are the same, but PF2 is complaining that my gateway that routes traffic to RW1 is on the wrong subnet...
The settings are exactly the same as in PF2 (1.2.3), but now it's not accepting the gateway that I've been using.
Should I create some kind of VLAN interface, or where is the problem?
I'm trying to set up the routing from PF2-lan to RW1...
Setting up gateway in PF2 (2.0)
Choose which interface this gateway applies to.
LAN net B
Name
Gateway1
Gateway
VPN1-lan-if
Why must VPN1-lan-if be on the same subnet to make PF accept this?