Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Win2012 server to pfSense peer-to-peer can't ping far end

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 975 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jeff4bioeden
      last edited by

      Firewall is pfSense, 2.0.2-RELEASE (i386)

      Trying to set up peer-to-peer, originating from a Windows2012 server
      I can connect from the Windows server using a roadwarrior connection, so I believe all the programs are working correctly

      LAN side config file, from the pfSense box:

      dev ovpns3
      dev-type tun
      dev-node /dev/tun3
      writepid /var/run/openvpn_server3.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      cipher AES-128-CBC
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      local x.x.x.x
      ifconfig 192.168.10.1 192.168.10.2
      lport 1196
      management /var/etc/openvpn/server3.sock unix
      max-clients 5
      push "route 192.168.3.0 255.255.255.0"
      secret /var/etc/openvpn/server3.secret
      comp-lzo
      passtos
      push "route 192.168.4.0 255.255.255.0"

      Config file from the Windows 2012 server (client) side:

      dev tun
      persist-tun
      persist-key
      cipher AES-128-CBC
      resolv-retry infinite
      remote x.x.x.x 1196 udp
      ifconfig 192.168.10.2 192.168.10.1
      secret auspeer.key
      comp-lzo
      verb 3

      Connection establishes, but each end can ping only itself (pfsense box can ping 192.168.10.1, but not 192.168.10.2).  Windows client machine can ping 192.168.10.2, but not 192.168.10.1

      Is it something obvious?
      Is there any additional information that would be of assistance in helping me resolve?

      Any assistance appreciated!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        The OpenVPN config files look reasonable.
        You do not mention firewall rules - what rules do you have to allow traffic into pfSense end OpenVPN? And same for Windows Server firewalling (however you do that using OpenVPN client on Windows Server).

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.