Netgate Discussion Forum

    OpenVPN and Layer 2 Bridge with user VPNs not working well.

    Routing and Multi WAN
      crzykidd

      I am fairly new to OpenVPN on pfSense.

      I have 2 pfSense FWs running 2.1 RELEASE.

      Site 1 has a GW of 192.168.20.1 and an external WAN IP with an OpenVPN server running in tap mode.

      Site 2 has a GW of 192.168.20.2 and an external WAN IP with an OpenVPN client running in tap mode.

      I can ping from site 1 to site 2 and everything works great.

      I then also have a second OpenVPN server running at Site 1 in tun mode. Users get a 192.168.21.0/24 address when connected.

      After making a connection users can see everything at site 1, but can't get to site 2.

      I am sure there is a rule I need to add somewhere to make this work, but for the life of me I can't figure out how to get users VPNed into site 1 access to machines on the site 2 side.  Any help?

      Thanks,
      Matthew

        phil.davis

        I guess machines at site 2 have GW set to 192.168.20.2, and 192.168.20.2 has no route to VPN tunnel 192.168.21.0/24.
        Maybe just add a static route on 192.168.20.2 to route 192.168.21.0/24 to 192.168.20.1?
        And an asymmetric routing issue might come up, because traffic in one direction only will go through 192.168.20.2.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/
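
The routing reasoning in the reply above, as an added example that is not part of the original thread: a longest-prefix-match trace over the three routing tables involved, with and without the suggested static route. The host address 192.168.20.50, the client address 192.168.21.10, and site 2's default route pointing at its WAN are assumptions made for illustration.

```python
import ipaddress

HOST = "192.168.20.50"    # constructed: a machine on the site 2 side of the bridge
CLIENT = "192.168.21.10"  # constructed: a road-warrior address from the tun server
GW1, GW2 = "192.168.20.1", "192.168.20.2"

def build_tables(with_static_route):
    """Routing tables as (prefix, next_hop); 'direct' means on-link delivery."""
    gw2 = [("192.168.20.0/24", "direct"), ("0.0.0.0/0", "WAN")]  # assumed default
    if with_static_route:
        gw2.append(("192.168.21.0/24", GW1))  # the static route suggested above
    return {
        HOST: [("192.168.20.0/24", "direct"), ("0.0.0.0/0", GW2)],
        GW2: gw2,
        # Site 1 is on-link for the bridged LAN and for the tun client subnet.
        GW1: [("192.168.20.0/24", "direct"), ("192.168.21.0/24", "direct"),
              ("0.0.0.0/0", "WAN")],
    }

def lookup(table, dst):
    """Longest-prefix match: return the next hop for dst."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), hop) for p, hop in table]
    matches = [(n, hop) for n, hop in nets if addr in n]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, start, dst, max_hops=8):
    """Return the hops a packet takes from start towards dst."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = lookup(tables[node], dst)
        if hop == "direct":
            return path + [dst]
        path.append(hop)
        if hop not in tables:   # left the modelled network, e.g. out the WAN
            return path
        node = hop
    return path + ["loop"]

if __name__ == "__main__":
    for fixed in (False, True):
        t = build_tables(fixed)
        print("static route:", fixed)
        print("  request:", " -> ".join(trace(t, GW1, HOST)))
        print("  reply:  ", " -> ".join(trace(t, HOST, CLIENT)))
```

With the static route in place the reply reaches the client, but it crosses 192.168.20.2 while the request went straight from 192.168.20.1 over the bridge, which is the asymmetry the reply warns about.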

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.