Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Unstable Multi Site-to-Site OpenVPN

    OpenVPN
    2
    3
    852
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      skolic last edited by

      Hi guys,

      I have three sites. I want to connect each site with all other sites. See the attachment (picture) bellow.

      SITE A is only functioning as a OpenVPN Server. SITE B and C are clients to A. This works great. Both sites can contact SITE A withou issues. Stable connection there.

      The problem is now when I want to setup another connection between SITE B and C. If I make site B also as a OpenVPN Server and make another client connection from C to B, I'm not able to contact both networks B and A at the same time from C. It kind of makes connections random available to B or A. The status of all connections is green.

      It seems that if configure B as client and as server that routing is beeing an issue. I've seperated all tunnels with its own subnet. Am I missing something on the routing part? I don't know if the issue is on site B or on site C.

      I know it is possible to setup A as central server and route traffic from C to B trough A, but I want to avoid this overhead. Any suggestions?

      Cheers,
      Sead

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis last edited by

        That should work exactly like your diagram. Just make sure that the Local Network/s and Remote Network/s boxes in every place have the relevant LAN subnet that is local/remote to the place it is set up.
        Maybe you have some leftovers from initially setting those up with B talking to C via A.

        1 Reply Last reply Reply Quote 0
        • S
          skolic last edited by

          Thanks for the reply. Still not working. I've done this already. I have connections from site B to A and to C, but its not always routing correctly from C to A or from C to B.

          If I ping a server on site A, I get a reply. Then I ping a server on site B, I don't get any reply. After a minute or so I do try to ping A again and don't get reply, but do get reply for site B. :)

          I thing there is an issue with the routing somewhere on site C. Site C is a client to both A and B.

          I also tried tracert to both sites and the same issue. I get a route untill the gateway of site C, but not further. Same as pinging. Sometimes I do get the full route as it should be and sometimes it just hangs on the first hop.

          Is it an issue with NAT or the OpenVPN Service? Any suggestions?

          See images for the tracert info. The send part of the image is performed just few minutes after the first tracert action.

          Thanks,
          Sead


          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy