Site to Site Can ping from one side but not the other



  • 2.0 Rc3

    Site to site

    Site A: 172.21.12.0
    Site B: 172.21.13.0

    Site B can access servers, printers, PCs, etc. at Site A. However, when at Site A or when remote desktopping a computer at Site A they cannot ping or access anything at Site B including the pfSense router. Both firewalls are their own gateways. At Site A in the OpenVPN additional box I have route 172.21.13.0 255.255.255.0 and at Site B I have route 172.21.12.0 255.255.255.0.

    I am out of ideas, what can this be?



  • Make sure the routes for all subnets are set on both ends. Also check if your firewall rules allow traffic to and from.



  • As far as I can tell they are. We have client-to-pfSense OpenVPNs that work fine. So I am betting I have a rule wrong as well. How should my source and destination look?



  • I've had similar issues like this in the past. Some things to look at:

    1. As heper said, check your routing table. Make sure there is a route in Site A's table that routes traffic to siteB_subnet via the OpenVPN interface (do the same check for Site B).
    2. Make sure you have the allow rules on the OpenVPN tab.
    3. Check your LAN rules on A, see which rule gets hit when you're sending traffic from A to B, and double check that it's using the "default" gateway. If there is no such rule, add one that has source->lan_subnet dest->siteb_subnet gateway->default.
    4. Run a Wireshark on the receiving end (the machine on Site B that you're pinging) and see if the ping requests are coming in (could be that the responses aren't going from B to A properly).

    -E
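
Step 1 of the checklist above as a script, added here as an example and not part of the original thread: it reads `netstat -rn -f inet` output and reports whether the remote subnet is routed through an OpenVPN interface. The function name `check_tunnel_route`, the sample routing tables, the 10.0.8.x tunnel address, the 203.0.113.1 WAN gateway and the interface names are constructed assumptions.

```shell
#!/bin/sh
# Added example: verify that the remote subnet is routed via the OpenVPN interface.
# On a live firewall: netstat -rn -f inet | check_tunnel_route 172.21.13.0/24
# Exit status: 0 = via an ovpn* interface, 1 = via another interface, 2 = no route.
check_tunnel_route() {
    awk -v net="$1" '
        # Find the Netif column from the header row; its position differs between FreeBSD releases.
        $1 == "Destination" { for (i = 1; i <= NF; i++) if ($i == "Netif") col = i; next }
        col && $1 == net    { found = 1; nif = $col }
        END {
            if (!found)        { print net ": no route, packets follow the default gateway"; exit 2 }
            if (nif ~ /^ovpn/) { print net ": routed via " nif; exit 0 }
            print net ": routed via " nif ", not the tunnel"; exit 1
        }'
}

# Constructed routing table for Site A with the tunnel route to Site B present.
routes_ok() {
cat <<'EOF'
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            203.0.113.1        UGS         0     5120    em0
172.21.12.0/24     link#2             U           0    90211    em1
172.21.13.0/24     10.0.8.2           UGS         0      344 ovpns1
EOF
}

# Constructed routing table for Site A where the route to Site B was never installed.
routes_missing() {
cat <<'EOF'
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            203.0.113.1        UGS         0     5120    em0
172.21.12.0/24     link#2             U           0    90211    em1
EOF
}

# Run the check against both constructed tables.
for table in routes_ok routes_missing; do
    printf '%s: ' "$table"
    "$table" | check_tunnel_route 172.21.13.0/24 || true
done
```

Run the same check on Site B with 172.21.12.0/24 as the argument; a status of 1 or 2 on either side means that side's traffic for the remote subnet never enters the tunnel.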

