Netgate Discussion Forum

    Client VPN access to multiple subnets

    • C
      croft

      Hi,

      New user here, been on pfsense for almost a week.  I have successfully set up a point-to-point VPN between two sites using a pfsense box/firewall at each location…works great.  In my setup, site A is the main server and site B acts as client.  Also, I've set up an additional VPN that allows remote users access.  This OpenVPN policy is located on the pfsense box at site A.  It looks like this:

      SITE A:
      LAN:  192.168.0.0/24
      SITE TO SITE TUNNEL:  192.168.204.0/30
      REMOTE ACCESS TUNNEL:  192.168.202.0/24

      SITE B:
      LAN: 192.168.2.0/24

      So, everything is working.  However, when a user uses the VPN from the field, they can't RDP to any resources at site B, only Site A.  I need them to be able to RDP to all servers at both sites.

      Thanks!

      • T
        TwigsUSAN

        You just have to set up routes.

        • M
          marvosa

          Just need to add the following to the Advanced configuration section of your Remote Access config:

          push "route 192.168.2.0 255.255.255.0";

          Then make sure your firewall rules allow the traffic on each interface.  Usually easiest to start with an any/any rule.

          • C
            croft

            Hi Guys, thanks for the reply!

            @marvosa, can you tell me where exactly I add the push "route…." in the config?  I think I put it in the "Advanced Configuration" section at the bottom of the OpenVPN: Server section @ Site A.

            Is this correct?

            • M
              marvosa

              Yes, that is correct…. "Advanced Configuration" section.

              • D
                deepak11

                Hi guys,
                I'm also having the same problem,
                and I also tried adding push route in "Advanced Configuration". It's not working.
                Any other suggestions?

                • M
                  marvosa

                  @deepak11:

                  Hi guys,
                  I'm also having the same problem,
                  and I also tried adding push route in "Advanced Configuration". It's not working.
                  Any other suggestions?

                  deepak11, this is a 4.5-year-old thread. You should start a new thread with your specific details in it, so we can offer targeted troubleshooting.

                  At a high level, two things are needed:

                  • On site A's remote access config, push a route to site B's LAN to your clients

                  • On Site B's site-to-site config, add a return route to site A's remote access tunnel network

                  This can all be done in the GUI now.

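The two requirements in the last post, worked through as an added example that is not part of the original thread: a small routing model using the networks from the first post, showing that the pushed route alone gets the request to site B but leaves the reply with no path back. The host addresses and node names are constructed, and the model assumes no NAT on either tunnel and covers routing only, not firewall rules.

```python
import ipaddress

# Networks are from the first post; host addresses and node names are constructed.
CLIENT = "192.168.202.6"    # a remote-access VPN client
SERVER_B = "192.168.2.10"   # an RDP host on site B's LAN

def build_tables(push_route, return_route):
    """Per-node routing tables as (prefix, next hop) pairs."""
    tables = {
        "client": [("192.168.202.0/24", "siteA"), ("192.168.0.0/24", "siteA"),
                   ("0.0.0.0/0", "internet")],
        "siteA": [("192.168.0.0/24", "lanA"), ("192.168.202.0/24", "client"),
                  ("192.168.2.0/24", "siteB"), ("0.0.0.0/0", "internet")],
        "siteB": [("192.168.2.0/24", "lanB"), ("192.168.0.0/24", "siteA"),
                  ("0.0.0.0/0", "internet")],
    }
    if push_route:    # push "route 192.168.2.0 255.255.255.0" on site A
        tables["client"].append(("192.168.2.0/24", "siteA"))
    if return_route:  # site B learns the remote access tunnel network
        tables["siteB"].append(("192.168.202.0/24", "siteA"))
    return tables

def next_hop(table, dst):
    """Longest-prefix match, as a router would do."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), hop) for p, hop in table]
    return max((n for n in nets if addr in n[0]), key=lambda n: n[0].prefixlen)[1]

def trace(tables, start, dst, goal):
    """Follow next hops from start until goal or a node with no table."""
    path = [start]
    while path[-1] != goal and path[-1] in tables and len(path) < 8:
        path.append(next_hop(tables[path[-1]], dst))
    return path

def rdp_reachable(push_route, return_route):
    """True only if both the request and the reply have a routed path."""
    t = build_tables(push_route, return_route)
    fwd = trace(t, "client", SERVER_B, "lanB")
    back = trace(t, "siteB", CLIENT, "client")
    return fwd[-1] == "lanB" and back[-1] == "client", fwd, back

if __name__ == "__main__":
    for push, ret in [(False, False), (True, False), (True, True)]:
        ok, fwd, back = rdp_reachable(push, ret)
        print(f"push={push} return={ret} ok={ok} fwd={fwd} back={back}")
```

With only the push route in place, the reply from site B follows its default route instead of the site-to-site tunnel, which matches the "push route added but still not working" symptom.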