Routing ovpn site2site

daszip

Hello. Plz help in my trouble. The trouble is to make possible sip phone working from network A.
Here is my setup.

====WAN1(some 112...)=========================WAN2 (some 42...)===
|| ||
PF1 GATE (192.168.8.254/24)================= IPSEC ================ PF2 (192.168.0.254/24) ===== OPT1 (SIP ISP 10.128.0.244/24 GW 10.128.0.1 by dhcp)
|| ||
Network A (192.168.8.0/24) Network B (192.168.0.0/24) route LAN 10.120.0.130/32 10.128.0.1

I have a voip gate(box with sip profile to 10.120.0.130)
From Net B working perfect, but not from A. It seems impossible to make any additional route fru the ipsec. So i try openvpn.

====WAN1(some 112...)=========================WAN2 (some 42...)===
|| ||
PF1 GATE (192.168.8.254/23)===== IPSEC (192.168.8.0/24–192.168.0.0/24) ==== PF2 (192.168.0.254/24) ===== OPT1 (SIP ISP 10.128.0.244/24 GW 10.128.0.1 by dhcp)
|| || || || ||
VOIP 192.168.9.1/24)== || || || ||
|| ===== Ovpn client =====192.168.9.0/24-10.128.0.0/24==Ovpn server== ||
|| ||
Network A (192.168.8.0/24) Network B (192.168.0.0/24) route LAN 10.120.0.130/32 10.128.0.1

For openvpn config 192.168.9.0/24-10.128.0.0/24 i can ping 10.128.0.244 (opt1)
I tried setup for openvpn config 192.168.9.0/24-10.120.0.130/32 with no luck.
What options should i add to ovpn client/server to make setup working? Or have should make it right?

PS: Best regards, yours %username%
Sorry for my English.

daszip

By now try next setup

PF1 GATE (192.168.8.254/24)========(ovpn 10.0.8.0/24)========PF2 (192.168.0.254/24)
sites fully pingable so i think need just some routes.
plz, can any give a hint?

Nachtfalke

http://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_PKI_%28SSL%29#iroutes