    [SOLVED] Routing/VPN - multiple s2s/road warrior

      riddl last edited by

      Hi

      I know that there are lots of topics regarding these problems but none of them are helpful enough.

      Current Setup:

      Our "primary" Network 192.168.22.1 and our second Network 192.168.24.1 (two different Locations) are connected by an OpenVPN s2s. The primary Network is also connected through an IPSec Tunnel to our third Network. There is also a Road Runner VPN. (see attachment)

      Current Situation:

      From our primary network I'm able to reach each other Network (site2 and site3)

      But I can't reach the 10.30.35.0/24 from Road Warrior/site2 and I also can't reach 192.168.24.0/24 from Road Warrior/site1 and vice versa. (see attachment red/green lines)

      I found this nice Guide from Stefcho: http://blog.stefcho.eu/routing-road-warrior%E2%80%99s-clients-through-a-site-to-site-vpn-with-pfsense-2-0-rc1-and-openvpn/

      I've added

      push route 192.168.24.0 255.255.255.0; to site1 Road Warrior Server and
      route 192.168.22.0 255.255.255.0; to the s2s Client (site2)
      but it still won't work. Could you please push me in the right direction?

      Config:
      pfSense site1 (s2s)
      ServerMode P2P Shared Key
      Protocol UDP
      Device mode tun
      Interface: WAN
      Server Host: external IP
      Server Port: 1195
      Proxy: none
      Encryption: CBC
      Hardware Crypto: none
      IPv4 Tunnel: 192.168.55.0/24
      IPv4 Local Network: 192.168.22.0/24
      IPv4 Remote Network: 192.168.24.0/24
      Compression: No

      pfSense site1 (RW)

      ServerMode Remote Access SSL/TLS
      Protocol UDP
      Device mode tun
      Interface: WAN
      Server Host: external IP
      Server Port: 1194
      Proxy: none
      Encryption: CBC
      Hardware Crypto: none
      IPv4 Tunnel: 192.168.44.0/24
      IPv4 Local Network: 192.168.22.0/24
      Compression: No
      Inter-client communication: Allow communication
      Duplicate Connections: Allow multiple concurrent connections
      Dynamic IP: yes
      AddressPool: provide a virtual Adapter
      DNS: 8.8.8.8
      Force DNS Update: yes
      NetBIOS Options: enabled
      Advanced: push route 192.168.24.0 255.255.255.0;

      pfSense site2

      ServerMode: P2P Shared Key
      Protocol: UDP
      Device mode: tun
      Interface: WAN
      Server Host: external IP
      Server Port: 1195
      Proxy: none
      Encryption: CBC
      Hardware Crypto: none
      IPv4 Tunnel: 192.168.55.0/24
      IPv4 Local Network: 192.168.24.0/24
      IPv4 Remote Network: 192.168.22.0/24
      Compression: No
      Advanced: route 192.168.22.0 255.255.255.0;

        Derelict LAYER 8 Netgate last edited by

        Your site-to-site and remote access OpenVPN instances are both on 1195 on site 1?

          riddl last edited by

          Oh! of course not. Thanks for the Hint. Edited my Post.

            riddl last edited by

            Okay, solved. I've just mistyped some IPs. If you should have the same problem, check this guide: http://blog.stefcho.eu/routing-road-warrior%E2%80%99s-clients-through-a-site-to-site-vpn-with-pfsense-2-0-rc1-and-openvpn/
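
An added example, not part of any post in this thread: a small route model that checks both directions of a flow between a road warrior client and the site2 LAN, using the networks and route settings quoted in the first post. The node names, the sample host addresses, the added 192.168.44.0/24 route on site2 and the assumption that no NAT is applied on the tunnels are this example's own; the IPsec leg to site3 is not modelled.

```python
import ipaddress

# Tunnel routing tables built from the settings quoted in the first post
# (constructed model). Entry: (destination network, next hop); "local" means
# directly attached. Traffic matching no entry would leave via the WAN default
# route, so the model treats it as not delivered.
POSTED = {
    "rw_client": [("192.168.44.0/24", "local"),
                  ("192.168.22.0/24", "site1"),   # RW server "IPv4 Local Network"
                  ("192.168.24.0/24", "site1")],  # route pushed from "Advanced"
    "site1": [("192.168.22.0/24", "local"),
              ("192.168.44.0/24", "rw_client"),   # RW "IPv4 Tunnel" network
              ("192.168.24.0/24", "site2")],      # s2s "IPv4 Remote Network"
    "site2": [("192.168.24.0/24", "local"),
              ("192.168.22.0/24", "site1")],      # s2s remote network / "Advanced" route
}
# Assumed correction: site2 also routes the road warrior tunnel network to site1.
FIXED = {**POSTED, "site2": POSTED["site2"] + [("192.168.44.0/24", "site1")]}

def next_hop(table, dst):
    """Longest-prefix match; None when no tunnel route covers dst."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), hop) for net, hop in table
            if dst in ipaddress.ip_network(net)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def path(tables, node, dst, limit=8):
    """Follow routes hop by hop; returns the node list, or None if undeliverable."""
    hops = [node]
    for _ in range(limit):
        hop = next_hop(tables[node], dst)
        if hop is None:
            return None
        if hop == "local":
            return hops
        node = hop
        hops.append(node)
    return None  # routing loop

def round_trip(tables, src_node, src_ip, dst_node, dst_ip):
    """Returns (forward delivered, reply delivered) for one flow."""
    out = path(tables, src_node, dst_ip)
    back = path(tables, dst_node, src_ip)
    return (out is not None and out[-1] == dst_node,
            back is not None and back[-1] == src_node)

if __name__ == "__main__":
    flow = ("rw_client", "192.168.44.6", "site2", "192.168.24.10")
    print("posted:", round_trip(POSTED, *flow))
    print("fixed: ", round_trip(FIXED, *flow))
```

In this model the forward path works with the posted settings, but site2 has no route back to 192.168.44.0/24, so replies never return through the tunnel.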
