Site 2 Site (S2S) tunnel up, but no traffic
-
Hi!
For a lab environment a friend and I installed a pfSense appliance at home to provide a S2S VPN between our homes.
He has a network 192.168.5.0/24
I have a network 192.168.6.0.24And in between (the tunnel itself) is a network 10.0.0.0/24 (way too big, we know, but doesn't matter for know, we'll change it to /30 when the tunnel is up ;) ).
In the status page we can both see that the tunnel is UP.
I am the server, he's the client. We can each ping our end of the tunnel, but not the other end of the tunnel OR the remote network.
I filled in the remote network, he did also.I created a rule in my WAN-rules:
TCP/UP
source *
port *
destination *
port 1194
gateway *And in the OpenVPN leaf/tab:
TCP/UDP
source *
port *
dest *
port *
gateway *So from my point of view, traffic between my network and his should be allowed.
Are we missing something?
-
As long as you put the right networks in Local Network and Remote Network (and they are the correct way around from the point of view of the end you are at), OpenVPN will add routes for you. Use Diagnostics->Routes to see what routes you have at each end.
And I just noticed your rules are TCP+UDP only - for ping you will need to allow ICMP. The easy way is to change the TCP+UDP to any, then any other more obscure IP protocols can also pass. -
You shouldn't of had to create any rules… especially on the WAN side... the wizard should've taken care of that. Do this on both sides:
On the wan tab, pick a protocol, don't add both (unless you have a specific need for TCP, use UDP)... and the destination should be "WAN address":
UDP|*| *| WAN address | 1194 (OpenVPN)| *
On the OpenVPN tab, change your protocol to any:
*| *| *| *| *| *