How can I pass traffic from openvpn client to network on other side of ipsec tunnel



  • Hi,

    Let me show what I need:

    client (10.17.0.0/24) --> openvpn on pfsense A --> Ipsec tunnel pfsense A --> Ipsec tunnel pfsense B --> Some network on other side 10.10.0.0/24

    D



  • OpenVPN server on pfSenseA will need 10.10.0.0/24 added to the IPv4 Local Network/s list. Then the OpenVPN client will learn that the OpenVPN link is a route to 10.10.0.0/24.
    At siteB the IPsec will also need to know that the IPsec tunnel is the way to 10.17.0.0/24 - I don't use IPsec, so I don't know exactly how that is specified.



  • I followed the same setup but am still unable to access the remote network.

    client (10.17.8.0/24) -> openvpn on pfsense A -> IPsec tunnel to different FW device -> remote network (172.16.1.0/24)

    In the openvpn config:
    IPv4 Tunnel Network 10.17.8.0/24
    IPv4 Local Network/s 10.0.1.0/24,172.16.1.0/24,172.16.2.0/24

    When connected to the VPN, my client shows this in routes:
    172.16.4/22        10.17.8.5          UGSc            0        0    tun0
    172.16.8/22        10.17.8.5          UGSc            0        0    tun0

    $ traceroute 172.16.1.100
    traceroute to 172.16.1.100 (172.16.1.100), 64 hops max, 52 byte packets
    1  10.0.8.1 (10.0.8.1)  59.329 ms  67.954 ms  62.854 ms
    2  pfsense_wan_gw_address

    So it doesn't seem like the routing is correct … what did I do wrong here?
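
An added example (not part of the thread and not pfSense code) that checks the two conditions discussed in the posts above: whether the client's route table covers the destination, and whether an IPsec Phase 2 selector pair covers traffic sourced from the OpenVPN tunnel network. The route lines and addresses are copied from the post above; the Phase 2 selector pairs and all function names are constructed assumptions.

```python
import ipaddress

# Route lines and addresses copied from the post above.
CLIENT_ROUTES = [
    "172.16.4/22        10.17.8.5          UGSc            0        0    tun0",
    "172.16.8/22        10.17.8.5          UGSc            0        0    tun0",
]
TUNNEL_NET = "10.17.8.0/24"
DST = "172.16.1.100"
# Constructed (local, remote) Phase 2 pairs; the thread does not show the real ones.
PHASE2_LAN_ONLY = [("10.0.1.0/24", "172.16.1.0/24")]
PHASE2_WITH_VPN = PHASE2_LAN_ONLY + [(TUNNEL_NET, "172.16.1.0/24")]

def parse_bsd_dest(dest):
    """Expand a BSD/macOS netstat destination such as '172.16.4/22'."""
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"), strict=False)

def client_route_for(dst, route_lines):
    """Most specific (network, gateway, iface) covering dst, or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for line in route_lines:
        fields = line.split()
        if len(fields) < 2 or fields[0] == "default":
            continue
        net = parse_bsd_dest(fields[0])
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, fields[1], fields[-1])
    return best

def phase2_covers(src_net, dst, selectors):
    """True if a (local, remote) pair matches traffic from src_net to dst."""
    src = ipaddress.ip_network(src_net)
    dst = ipaddress.ip_address(dst)
    return any(src.subnet_of(ipaddress.ip_network(local))
               and dst in ipaddress.ip_network(remote)
               for local, remote in selectors)

if __name__ == "__main__":
    print("client route:", client_route_for(DST, CLIENT_ROUTES))
    print("phase 2, LAN only:", phase2_covers(TUNNEL_NET, DST, PHASE2_LAN_ONLY))
    print("phase 2, with VPN net:", phase2_covers(TUNNEL_NET, DST, PHASE2_WITH_VPN))
```

A result of `None` from `client_route_for` means no listed route covers the destination, so the client falls back to its default route for it.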



