Routing between OpenVPN and IPSEC Tunnels
A challenge for me. We have a scenario where we have road warriors / remote users connecting on OpenVPN to Site A. Their IP pool is 10.92.2.0/24.
Site A and Site B are connected over IPSEC where Site A is 10.92.0.0/23 and Site B is 10.92.128.0/24.
Is there a possibility that the remote users connecting to Site A via OpenVPN can access the servers residing on Site B?
Shouldn't be a problem.
Just push the routes within the OpenVPN server config. Also add a route on the pfSense at Site B for the corresponding road warrior subnet.
Add to the OpenVPN config advanced field:
push "route 10.92.0.0 255.255.254.0";
push "route 10.92.128.0 255.255.255.0";
Not sure what the procedure is to add routes to IPsec, but I'm sure you can find it on this forum.
What heper mentioned, plus make sure you have a phase 2 on IPsec that references the OpenVPN tunnel network, which is where the clients will originate their traffic.
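An added example, not part of the thread: a small Python check of the two conditions described in the replies above, a pushed route to Site B on the client side and a phase 2 pair on both IPsec endpoints covering the OpenVPN pool. The subnets are the ones given in the question; the phase 2 lists, function names and sample inputs are constructed for illustration, and firewall rules are not modelled.

```python
import ipaddress as ip

# Subnets from the thread. The phase 2 lists below are constructed samples.
POOL = ip.ip_network("10.92.2.0/24")    # OpenVPN road-warrior pool
SITE_A = ip.ip_network("10.92.0.0/23")
SITE_B = ip.ip_network("10.92.128.0/24")

def parse_push_routes(text):
    """Return the networks named in OpenVPN 'push "route NET MASK"' lines."""
    nets = []
    for line in text.splitlines():
        parts = line.replace('"', " ").replace(";", " ").split()
        if parts[:2] == ["push", "route"] and len(parts) >= 4:
            nets.append(ip.ip_network(f"{parts[2]}/{parts[3]}"))
    return nets

def phase2_match(src, dst, phase2):
    """True if some (local, remote) selector pair covers src -> dst."""
    return any(src.subnet_of(loc) and dst.subnet_of(rem) for loc, rem in phase2)

def check(push_text, p2_site_a, p2_site_b):
    """List the gaps that stop pool -> site B traffic (firewall rules not modelled)."""
    problems = []
    if not any(SITE_B.subnet_of(n) for n in parse_push_routes(push_text)):
        problems.append("client: no pushed route to site B")
    if not phase2_match(POOL, SITE_B, p2_site_a):
        problems.append("site A: no phase 2 for pool -> site B")
    if not phase2_match(SITE_B, POOL, p2_site_b):
        problems.append("site B: no phase 2 for site B -> pool")
    return problems

# Constructed inputs: site-to-site tunnel only, then with the extra phase 2.
PUSH_A_ONLY = 'push "route 10.92.0.0 255.255.254.0";'
PUSH_BOTH = PUSH_A_ONLY + '\npush "route 10.92.128.0 255.255.255.0";'
P2_A_BEFORE = [(SITE_A, SITE_B)]
P2_B_BEFORE = [(SITE_B, SITE_A)]
P2_A_AFTER = P2_A_BEFORE + [(POOL, SITE_B)]
P2_B_AFTER = P2_B_BEFORE + [(SITE_B, POOL)]

if __name__ == "__main__":
    for name, args in [("before", (PUSH_A_ONLY, P2_A_BEFORE, P2_B_BEFORE)),
                       ("routes only", (PUSH_BOTH, P2_A_BEFORE, P2_B_BEFORE)),
                       ("after", (PUSH_BOTH, P2_A_AFTER, P2_B_AFTER))]:
        print(name, check(*args) or "ok")
```

The "routes only" case is the one where the client has a route but the packet matches no IPsec selector, so it never enters the tunnel.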
I have the same issue and followed the above recommendations, but I still don't have joy and happiness. My traceroute ends at the OpenVPN gateway then fails.
Checking the firewall rules and OpenVPN logs, I don't see any of the OpenVPN traffic coming in or failing. Any recommendations?
Really going nuts here!!!