Site to site configuration fight
darxmurf last edited by
Here is the situation:
I have 2 offices to link.
For the moment each workstation in Office B is mounting a vpn session with Office A to work but it's not efficient.
So, I installed a pfsense box there and connected the OpenVPN client to Office A.
Here is the setup
Users are sharing the same cert but have an AUTH/PASSW to connect the VPN.
Once connected, from the pfsense shell I can ping all the machines on LAN A without problem !
But when I try to access the LAN A from a workstation on LAN B, the only server who is answering is the Ubuntu OpenVPN server (ETH0 and TUN0). I can ping it but not the windows SRV.
Here is the OpenVPN Server conf
Ubuntu with OpenVPN 2.1 Server ETH0 : 192.168.1.4 TUN0 : 10.8.0.1 port 1194 proto tcp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.1.0 255.255.255.0" push "route 192.168.5.0 255.255.255.0" client-config-dir ccd route 192.168.5.0 255.255.255.0 10.8.0.2 push "dhcp-option DNS 192.168.1.4" push "dhcp-option WINS 192.168.1.4" client-to-client duplicate-cn keepalive 10 120 comp-lzo max-clients 100 user nobody group nogroup persist-key persist-tun username-as-common-name status openvpn-status-tcp.log log-append /var/log/openvpn-tcp.log verb 3 plugin /usr/lib/openvpn/openvpn-auth-pam.so login
in the ccd conf for the client I added
iroute 192.168.5.0 255.255.255.0
From my LAN B when I try to ping the Windows server, I can see the ping query with a tcpdump on the openvpn Server but the ping reply get lost somewhere ! Don't know where !
As I'm a bit lost after all the stuff I tried, maybe you have an idea ?
Many thanks in advance