Client LAN can ping server-side LAN, not the other way around

  • Hi,

    I have the following Setup as a Site-to-Site LAN (hopefully):
    pfsense (OpenVPN)

    Now, the tunnel seems to come up right, the ..10.0/24 subnet can ping and access everything just fine in the ..0.0/24 subnet.
    When I try to ping an address in the ..10.0/24 subnet from my side (..0.0/24) I get timeouts. Moreover, when I trace an address in the ..10.0/24 subnet, it seems to go out via one of my WAN links. (Dual-WAN setup, one PPPoE, one via another router in ..2.0/24 subnet)

    I'm guessing this is a routing problem, I just can't figure out if it's on my side or the other.

    Has anybody an idea on this, or can tell me how to figure out what's going wr(on)g?

    Many thanks,

  • Does the router over which your clients in your .0.0/24 subnet go know the route to the 10.0/24 subnet?

  • It has a route to the 200.2 gateway, which is in "the tunnel" (right?) and knows that 10.0/24 is reachable via this gw.

    The other side has its gw to 0.0/24 set as 200.1

    Would the file transfer from the other side work if it didn't?


  • I think you might have to change the ddwrt side to something else like or something, that way you don't get mixed up in the routing or the routers for that matter.

  • Felix,

    Try adding a LAN firewall rule on the pfsense server allowing traffic to your client subnet using the default gateway.  This seems to be important if you're using failover/load balancing routing policy.

  • Hi,

    the LAN rule did the trick!

    Many thanks.
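
Why the LAN rule fixes this, as an added example that is not part of the original thread and is not pfSense code: it is a small model of first-match rule evaluation in which a rule with a gateway set overrides the routing table. The subnets, gateway names and the `shadowed_routes` helper are constructed assumptions, since the thread elides the real values.

```python
import ipaddress

# Constructed sample values; the thread does not give the real subnets or gateways.
REMOTE_LAN = ipaddress.ip_network("172.16.10.0/24")  # client-side LAN behind the tunnel
ANY = ipaddress.ip_network("0.0.0.0/0")
ROUTES = [  # (destination, next hop) as held in the system routing table
    (ANY, "WAN1_PPPOE"),
    (REMOTE_LAN, "OVPN_TUNNEL"),
]

def table_lookup(dst):
    """Longest-prefix match against the system routing table."""
    hits = [(net, hop) for net, hop in ROUTES if dst in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def egress(rules, dst):
    """The first matching LAN rule decides; a rule gateway bypasses the routing table."""
    dst = ipaddress.ip_address(dst)
    for rule in rules:
        if dst in rule["dst"]:
            if rule["gateway"] is None:  # gateway "default": use the routing table
                return table_lookup(dst)
            return rule["gateway"]       # policy routing: forced out this gateway
    return "BLOCKED"                     # no rule matched

def shadowed_routes(rules):
    """Routed networks whose traffic a policy-routing rule sends elsewhere."""
    found = []
    for net, hop in ROUTES:
        if net.prefixlen == 0:
            continue
        actual = egress(rules, net.network_address + 1)
        if actual != hop:
            found.append((str(net), hop, actual))
    return found

# Before: a single catch-all LAN rule pointing at the failover/load-balancing group.
BEFORE = [{"dst": ANY, "gateway": "WAN_FAILOVER_GROUP"}]
# After: a rule for the remote subnet with the default gateway, placed above it.
AFTER = [{"dst": REMOTE_LAN, "gateway": None}] + BEFORE

if __name__ == "__main__":
    print("before:", egress(BEFORE, "172.16.10.5"), shadowed_routes(BEFORE))
    print("after: ", egress(AFTER, "172.16.10.5"), shadowed_routes(AFTER))
```

The new rule only helps if it sits above the policy-routing rule, because the first match wins; all other destinations still leave through the gateway group.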
