Open vpn site to site and roadwarrior



  • Hi guys,

I have pfSense running and connected to 2 remote offices (site-to-site connection) without any problem. Then I have the local subnets from those sites pushed down with roadwarrior when someone connects to roadwarrior, and everything worked well till now.

I have a new office that has been connected and works well if I am on the vlan for that office, but roadwarrior will allow a connection to there even though the route is pushed down when connected.

    Main office vlans : 0,4,5,6,10,11,23,25,26,27,29

    local subnets
    1 office vlan 192.168.20.0/24
    2 office vlan 10.1.4.0
    3 office vlan 192.168.28.0

    NO UDP / 1195 10.0.1.0/24 Local roadworrior
    NO UDP / 1194 10.0.20.0/24 office 1
    NO UDP / 1198 10.0.70.0/24 Office 2
    NO UDP / 1196 10.0.2.0/24 Local backup
    NO UDP / 1197 10.0.28.0/24 Office 3

    Here are the routes on the pfsense:

    default x.x.x.x UGS 0 1698347 1500 bge0
    10.0.1.0/24 10.0.1.2 UGS 0 3060 1500 ovpns1
    10.0.1.1 link#19 UHS 0 0 16384 lo0
    10.0.1.2 link#19 UH 0 0 1500 ovpns1
    10.0.2.0/24 10.0.2.2 UGS 0 0 1500 ovpns4
    10.0.2.1 link#22 UHS 0 0 16384 lo0
    10.0.2.2 link#22 UH 0 0 1500 ovpns4
    10.0.20.1 link#20 UHS 0 0 16384 lo0
    10.0.20.2 link#20 UH 0 0 1500 ovpns2
    10.0.23.0/24 10.0.20.2 UGS 0 0 1500 ovpns2
    10.0.28.1 link#23 UHS 0 0 16384 lo0
    10.0.28.2 link#23 UH 0 0 1500 ovpns5
    10.0.70.1 link#21 UHS 0 0 16384 lo0
    10.0.70.2 link#21 UH 0 0 1500 ovpns3
    10.1.4.0/24 10.0.70.2 UGS 0 0 1500 ovpns3
    x.x.x.x link#5 U 0 172033 1500 bge0
    x.x.x.x link#5 UHS 0 0 16384 lo0
    127.0.0.1 link#9 UH 0 206139 16384 lo0
    192.168.0.0/24 link#6 U 0 2588522 1500 bge1
    192.168.0.251 link#6 UHS 0 288 16384 lo0
    192.168.4.0/24 link#17 U 0 0 1500 bge1_vlan4
    192.168.4.251 link#17 UHS 0 0 16384 lo0
    192.168.5.0/24 link#3 U 0 0 1500 em2
    192.168.5.251 link#3 UHS 0 0 16384 lo0
    192.168.6.0/24 link#4 U 0 0 1500 em3
    192.168.6.251 link#4 UHS 0 0 16384 lo0
    192.168.10.0/24 link#11 U 0 0 1500 bge1_vlan10
    192.168.10.251 link#11 UHS 0 0 16384 lo0
    192.168.11.0/24 link#12 U 0 0 1500 bge1_vlan11
    192.168.11.251 link#12 UHS 0 0 16384 lo0
    192.168.20.0/24 10.0.20.2 UGS 0 11355 1500 ovpns2
    192.168.23.0/24 link#13 U 0 12701 1500 bge1_vlan23
    192.168.23.251 link#13 UHS 0 0 16384 lo0
    192.168.25.0/24 link#14 U 0 34399 1500 bge1_vlan25
    192.168.25.251 link#14 UHS 0 0 16384 lo0
    192.168.26.0/24 link#15 U 0 715633 1500 bge1_vlan26
    192.168.26.251 link#15 UHS 0 0 16384 lo0
    192.168.27.0/24 link#16 U 0 514736 1500 bge1_vlan27
    192.168.27.251 link#16 UHS 0 0 16384 lo0
    192.168.28.0/24 10.0.28.2 UGS 0 1254 1500 ovpns5
    192.168.29.0/24 link#18 U 0 31398 1500 bge1_vlan29
    192.168.29.251 link#18 UHS 0 0 16384 lo0
    194.168.4.100 00:14:5e:7e:42:88 UHS 0 47653 1500 bge0
    194.168.8.100 00:14:5e:7e:42:88 UHS 0 47598 1500 bge0

    Here is what's being pushed down via roadwarrior:

    push "route 192.168.4.0 255.255.255.0";push "route 192.168.5.0 255.255.255.0";push "route 192.168.6.0 255.255.255.0";push "route 192.168.10.0 255.255.255.0";push "route 192.168.11.0 255.255.255.0";push "route 192.168.20.0 255.255.255.0";push "route 192.168.23.0 255.255.255.0";push "route 192.168.25.0 255.255.255.0";push "route 192.168.26.0 255.255.255.0";push "route 192.168.27.0 255.255.255.0";push "route 192.168.28.0 255.255.255.0";push "route 192.168.29.0 255.255.255.0";

    If anyone can shed some light on this as to why, when connected via roadwarrior, I can't get to 192.168.28.0/24, which is the office 3 local subnet.

    Cheers,

    Raj



  • Hi guys, anyone has any ideas on what could be going wrong, please?



  • Sorry guys, checked my config and realised that I forgot to add the route back from the client site-to-site to the roadwarrior.

    Cheers,

    Raj
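The resolution above (a missing return route at the remote site for the roadwarrior tunnel subnet) is the kind of asymmetric-routing gap that is easy to check mechanically. The following is an added example, not code from the thread or from pfSense: it parses route tables in the netstat layout Raj pasted, does a longest-prefix lookup, and verifies both the forward hop on the server and the return route at the site. The server excerpt is taken from the thread; the two site tables are constructed and hypothetical, since the thread never shows them.

```python
import ipaddress

# Excerpt of the pfSense routing table posted in the thread (dest, gateway, flags, refs, use, mtu, iface).
SERVER_ROUTES = """
default x.x.x.x UGS 0 1698347 1500 bge0
10.0.1.0/24 10.0.1.2 UGS 0 3060 1500 ovpns1
10.1.4.0/24 10.0.70.2 UGS 0 0 1500 ovpns3
192.168.20.0/24 10.0.20.2 UGS 0 11355 1500 ovpns2
192.168.28.0/24 10.0.28.2 UGS 0 1254 1500 ovpns5
"""

# Constructed (hypothetical) route tables at the remote site-to-site clients.
# Office 1 has a return route for the roadwarrior subnet 10.0.1.0/24; office 3 does not.
OFFICE1_ROUTES = """
10.0.1.0/24 10.0.20.1 UGS 0 0 1500 ovpnc1
192.168.0.0/24 10.0.20.1 UGS 0 0 1500 ovpnc1
"""
OFFICE3_ROUTES = """
192.168.0.0/24 10.0.28.1 UGS 0 0 1500 ovpnc1
"""

def parse_routes(text):
    """Turn netstat-style lines into (network, gateway, iface) tuples."""
    routes = []
    for line in text.strip().splitlines():
        dest, gw, _flags, _refs, _use, _mtu, iface = line.split()
        if dest == "default":
            dest = "0.0.0.0/0"
        elif "/" not in dest:
            dest += "/32"  # host route
        routes.append((ipaddress.ip_network(dest, strict=False), gw, iface))
    return routes

def lookup(routes, ip):
    """Longest-prefix match; returns (network, gateway, iface) or None."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def check_path(server_routes, site_routes, client_ip, target_ip):
    """A roadwarrior client only works if the server forwards the target over a
    tunnel AND the remote site knows how to route replies back to the client."""
    fwd = lookup(server_routes, target_ip)
    if fwd is None or not fwd[2].startswith("ovpns"):
        return "server does not forward target over a tunnel"
    if lookup(site_routes, client_ip) is None:
        return "site has no return route for roadwarrior subnet"
    return "ok"
```

Run against the constructed tables, office 1 reports "ok" while office 3 reports the missing return route, matching the symptom in the thread.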

