Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unstable Multi Site-to-Site OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      skolic
      last edited by

      Hi guys,

      I have three sites. I want to connect each site with all other sites. See the attachment (picture) bellow.

      SITE A is only functioning as a OpenVPN Server. SITE B and C are clients to A. This works great. Both sites can contact SITE A withou issues. Stable connection there.

      The problem is now when I want to setup another connection between SITE B and C. If I make site B also as a OpenVPN Server and make another client connection from C to B, I'm not able to contact both networks B and A at the same time from C. It kind of makes connections random available to B or A. The status of all connections is green.

      It seems that if configure B as client and as server that routing is beeing an issue. I've seperated all tunnels with its own subnet. Am I missing something on the routing part? I don't know if the issue is on site B or on site C.

      I know it is possible to setup A as central server and route traffic from C to B trough A, but I want to avoid this overhead. Any suggestions?

      Cheers,
      Sead
      VPN.png
      VPN.png_thumb

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        That should work exactly like your diagram. Just make sure that the Local Network/s and Remote Network/s boxes in every place have the relevant LAN subnet that is local/remote to the place it is set up.
        Maybe you have some leftovers from initially setting those up with B talking to C via A.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • S
          skolic
          last edited by

          Thanks for the reply. Still not working. I've done this already. I have connections from site B to A and to C, but its not always routing correctly from C to A or from C to B.

          If I ping a server on site A, I get a reply. Then I ping a server on site B, I don't get any reply. After a minute or so I do try to ping A again and don't get reply, but do get reply for site B. :)

          I thing there is an issue with the routing somewhere on site C. Site C is a client to both A and B.

          I also tried tracert to both sites and the same issue. I get a route untill the gateway of site C, but not further. Same as pinging. Sometimes I do get the full route as it should be and sometimes it just hangs on the first hop.

          Is it an issue with NAT or the OpenVPN Service? Any suggestions?

          See images for the tracert info. The send part of the image is performed just few minutes after the first tracert action.

          Thanks,
          Sead

          VPN-tracert-issue.png
          VPN-tracert-issue.png_thumb

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.