4. [SOLVED] Routing/VPN - multiple s2s/road warrior

[SOLVED] Routing/VPN - multiple s2s/road warrior

  • R

    Hi

    i know that there are lots of topics regarding these problems but none of them are helpful enough.

    Current Setup:

    Our "primary" Network 192.168.22.1 and our second Network 192.168.24.1 (two different Locations) are conmected by a OpenVPN s2s. The primary Network is also connected through a IPSec Tunnel to our third Network. There is also a Road Runner VPN. (see attachment)

    Current Situation:

    From our primary network i´m able to reach each other Network (site2 and site3)

    But i cant reach the 10.30.35.0/24 from Road Warrior/site2 and i also cant reach 192.168.24.0/24 from Road Warrior/site1 and vice versa. (see attachment red/green lines)

    I found this nice Guide from Stefcho: http://blog.stefcho.eu/routing-road-warrior’s-clients-through-a-site-to-site-vpn-with-pfsense-2-0-rc1-and-openvpn/

    I´ve added

    push route 192.168.24.0 255.255.255.0; to site1 Road Warrior Server and
    route 192.168.22.0 255.255.255.0; to the s2s Client (site2)
    but it still wont work. Could you please push me in the right direction?

    Config:
    pfSense site1 (s2s)
    ServerMode P2P Shared Key
    Protocol UDP
    Deice mode tun
    Interface: WAN
    Server Host: external IP
    Server Port: 1195
    Proxy: none
    Encryption: CBC
    Hardware Crypto: none
    IPv4 Tunnel: 192.168.55.0/24
    IPv4 Local Network: 192.168.22.0/24
    IPv4 Remote Network: 192.168.24.0/24
    Compression: No

    pfSense site1 (RW)

    ServerMode Remote Access SSL/TLS
    Protocol UDP
    Deice mode tun
    Interface: WAN
    Server Host: external IP
    Server Port: 1194
    Proxy: none
    Encryption: CBC
    Hardware Crypto: none
    IPv4 Tunnel: 192.168.44.0/24
    IPv4 Local Network: 192.168.22.0/24
    Compression: No
    Inter-client communication: Allow communication
    Duplicate Connections: Allow multiple concurrent connections
    Dynamic IP: yes
    AddressPool: provide a virtual Adapter
    DNS: 8.8.8.8
    Force DNS Update: yes
    NetBIOS Options: enabled
    Advanced: push route 192.168.24.0 255.255.255.0;

    pfSense site2

    ServerMode: P2P Shared Key
    Protocol: UDP
    Deice mode: tun
    Interface: WAN
    Server Host: external IP
    Server Port: 1195
    Proxy: none
    Encryption: CBC
    Hardware Crypto: none
    IPv4 Tunnel: 192.168.55.0/24
    IPv4 Local Network: 192.168.24.0/24
    IPv4 Remote Network: 192.168.22.0/24
    Compression: No
    Advanced: route 192.168.22.0 255.255.255.0;

    0
  • Netgate

    Your site-to-site and remote access OpenVPN instances are both on 1195 on site 1?

    0
  • R

    Oh! of course not. Thanks for the Hint. Edited my Post.

    0
  • R

    Okai, solved. I´ve just miss typed some IPs. If you should have the same Problem chekc this Guide: http://blog.stefcho.eu/routing-road-warrior’s-clients-through-a-site-to-site-vpn-with-pfsense-2-0-rc1-and-openvpn/

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy