    OpenVPN Site to Site problem

      leap last edited by

      I installed an OpenVPN site-to-site VPN with two pfSense 1.0.1 boxes for testing. I am not sure what is wrong in the pfSense configuration. Here is my diagram:

                     10.189.137.1                        10.189.137.15
      Laptop1--------Pfsense1---------OpenVPN------------Pfsense2---------Laptop2
      192.168.1.2    192.168.1.1                         192.168.2.1      192.168.2.2

      • On laptop2 I can reach the external IP (10.189.137.1), but I could not get to the internal IP of pfsense1.
      • On laptop1 I could not get to even the external IP of pfsense2.
      • The rule allows TCP/UDP * * *. The following is the firewall log:
          Mar 23 18:25:04 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:25:25 WAN 192.168.1.3 10.189.137.2 ICMP
          Mar 23 18:28:58 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:29:57 WAN 192.168.1.3 10.189.137.2 ICMP
          Mar 23 18:31:28 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:32:09 LAN 192.168.2.3:138 192.168.2.255:138 UDP
          Mar 23 18:32:29 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:33:11 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:39:57 LAN 192.168.2.3:138 192.168.2.255:138 UDP
          Mar 23 18:40:44 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:44:08 LAN 192.168.2.3:138 192.168.2.255:138 UDP
          Mar 23 18:45:35 LAN 192.168.2.3:2078 192.168.1.5:2967 TCP
          Mar 23 18:45:57 LAN 192.168.2.3:137 192.168.2.255:137 UDP
          Mar 23 18:46:41 LAN 192.168.2.3 10.189.137.1 ICMP
          Mar 23 18:46:47 LAN 192.168.2.3 192.168.1.2 ICMP
          Mar 23 18:46:50 LAN 192.168.2.3 192.168.1.1 ICMP
          Mar 23 18:51:21 LAN 192.168.2.3:137 192.168.2.255:137 UDP
          Mar 23 18:52:33 LAN 192.168.2.3:137 192.168.2.255:137 UDP
          Mar 23 18:52:55 LAN 192.168.2.3 192.168.1.1 ICMP

      Can anyone help me?
      Thanks in advance.

        mnsmani last edited by

        Create the related rule to allow the access across the firewall?

          critter last edited by

          Which one is running as server?
          Please post your server and client configurations.

            leap last edited by

            Thanks for your response. Pfsense1 is the server site and pfsense2 is the client.
            This is the configuration for both sites.

            Client site                          Server site
            Protocol        TCP                  Protocol        TCP
            Server Add      10.189.137.1         Dynamic IP      enabled
            Server port     1194                 Address pool    192.168.10.0/24
            Interface IP    192.168.2.0/24       Remote IP       192.168.2.0/24
            Remote network  192.168.1.0/24
            Proxy port      3128

            I already created a rule that allows all traffic from WAN to LAN.
            Thanks
