Access Additional Subnets on Site-to-Site VPN Link

CSPhoenix

Hey there,

First of all, to any developers reading, awesome job with pfSense, it has replaced a number of expensive cisco routers in our offices.

I have a site-to-site VPN link between the HQ and a satellite office.

HQ:
Major Subnet: 192.168.1.0/24
Other Subnets: 10.1.4.0/24, 10.1.6.0/24, etc
Site-to-Site Tunnel Network: 10.1.12.0/24

push "route 10.1.4.0 255.255.255.0";
push "route 10.1.6.0 255.255.255.0";
tun-mtu 1500;
mssfix 1400;

Satellite Office:
Major Subnet: 10.0.0.0/24
Other Subnets: 10.0.1.0/24, 10.0.2.0/24, etc

push "route 10.1.4.0 255.255.255.0";
push "route 10.1.6.0 255.255.255.0";
tun-mtu 1500;
mssfix 1400;

I've successfully set-up the link and can access the 192.168.1.0/24 subnet from the satellite office. However I cannot access 10.1.4.0/24 for example.

How do I go about fixing that?

Any help would be appreciated.

divsys

Assuming you've setup the HQ as the server and the Satellite as the client, you need to add a route(s) to the HQ config to define the client subnet(s)

ie:
route 10.0.0.0 255.255.255.0
route 10.0.1.0 255.255.255.0
      …..
etc.  Need to be added to the server config.

The 'push "route....' lines on the server side send the appropriate routes for the client to understand the server's subnets.

You don't need any 'push "route...' lines on the client side.

If you post a screenshot of your server and client configs, you may get more specific help on your setup