Win2012 server to pfSense peer-to-peer can't ping far end



  • Firewall is pfSense, 2.0.2-RELEASE (i386)

    Trying to set up peer-to-peer, originating from a Windows 2012 server.
    I can connect from the Windows server using a roadwarrior connection, so I believe all the programs are working correctly.

    LAN side config file, from the pfSense box:

    dev ovpns3
    dev-type tun
    dev-node /dev/tun3
    writepid /var/run/openvpn_server3.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local x.x.x.x
    ifconfig 192.168.10.1 192.168.10.2
    lport 1196
    management /var/etc/openvpn/server3.sock unix
    max-clients 5
    push "route 192.168.3.0 255.255.255.0"
    secret /var/etc/openvpn/server3.secret
    comp-lzo
    passtos
    push "route 192.168.4.0 255.255.255.0"

    Config file from the Windows 2012 server (client) side:

    dev tun
    persist-tun
    persist-key
    cipher AES-128-CBC
    resolv-retry infinite
    remote x.x.x.x 1196 udp
    ifconfig 192.168.10.2 192.168.10.1
    secret auspeer.key
    comp-lzo
    verb 3

    Connection establishes, but each end can ping only itself (pfSense box can ping 192.168.10.1, but not 192.168.10.2). Windows client machine can ping 192.168.10.2, but not 192.168.10.1.

    Is it something obvious?
    Is there any additional information that would be of assistance in helping me resolve this?

    Any assistance appreciated!



  • The OpenVPN config files look reasonable.
    You do not mention firewall rules - what rules do you have to allow traffic into pfSense end OpenVPN? And same for Windows Server firewalling (however you do that using OpenVPN client on Windows Server).
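
The reply's reading that the two config files look reasonable can be checked mechanically. The script below is an added example, not part of either post and not pfSense or OpenVPN tooling; it compares the options that must agree between two static-key peers, using the relevant lines copied from the configs above, and the function names are this example's own.

```python
# Added example: checks that two static-key (secret) OpenVPN peer configs agree.
# PFSENSE and WINDOWS hold the relevant lines copied from the two configs above.
PFSENSE = """\
dev ovpns3
dev-type tun
#user nobody
proto udp
cipher AES-128-CBC
ifconfig 192.168.10.1 192.168.10.2
lport 1196
secret /var/etc/openvpn/server3.secret
comp-lzo
"""
WINDOWS = """\
dev tun
cipher AES-128-CBC
remote x.x.x.x 1196 udp
ifconfig 192.168.10.2 192.168.10.1
secret auspeer.key
comp-lzo
"""

def parse(text):
    """Map each directive to its argument list; comments and blanks are skipped."""
    opts = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts:
            opts[parts[0]] = parts[1:]
    return opts

def check_peers(listener_text, dialer_text):
    """Return a list of mismatches between the listening and the dialing peer."""
    a, b = parse(listener_text), parse(dialer_text)
    problems = []
    # Point-to-point tunnel addresses must be mirrored: local/remote swap places.
    if a.get("ifconfig") != b.get("ifconfig", [])[::-1]:
        problems.append("ifconfig addresses are not mirrored")
    # Both ends must use the same cipher and the same compression setting.
    for opt in ("cipher", "comp-lzo"):
        if a.get(opt) != b.get(opt):
            problems.append(opt + " differs between peers")
    if ("secret" in a) != ("secret" in b):
        problems.append("only one peer uses a static key")
    # "remote host [port] [proto]" must match the listener (defaults 1194, udp).
    remote = b.get("remote", [])
    port = remote[1] if len(remote) > 1 else "1194"
    proto = remote[2] if len(remote) > 2 else b.get("proto", ["udp"])[0]
    if a.get("lport", a.get("port", ["1194"]))[0] != port:
        problems.append("port mismatch")
    if a.get("proto", ["udp"])[0] != proto:
        problems.append("protocol mismatch")
    return problems
```

`check_peers(PFSENSE, WINDOWS)` returns an empty list for the configs as posted, meaning the tunnel options agree on both ends. Firewall rules, which the reply asks about, are not visible in these files.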

