OpenVPN Client and Server at the same time on the same Pfsense IP problem



  • Hi,

    I use a pfSense server as an OpenVPN server to connect from home to our LAN for maintenance purposes, but at the same time the pfSense server is an OpenVPN client that connects through the WAN to our main office.

    The IP range received from our main office is 10.254.0.0/24 and the IP range distributed by the OpenVPN server is 10.5.5.0/24.

    The problem is that when I try to ping/ssh or run any command against a server in our main offices, it works one time in two. When I look at the firewall logs I see that when it does not work, the source IP is a 10.5.5.0 IP, and when it works it is a 10.254.0.0 one. I don't understand how the source IP could be 10.5.5.x as I'm not connected through a VPN client to the pfSense …

    It looks like a bug to me ... Any idea how to solve that? For now I disabled the OpenVPN server, and the VPN client to our main offices works perfectly.

    Regards



  • Can you do up a simple diagram explaining your setup?
    Your description is not clear as to the details on how you have this all connected especially the subnets for LAN and WAN at both home and office.

    What versions of pfSense are you running?



  • Here is a diagram, I hope you have enough information.

    The problem is between the 'Office Computer' and the Server X. If I run any command on "office computer" like ping or ssh to the server X, I have to run it twice. One time out of two it does not work. It is because once "office computer" comes with a 10.254.0.x IP and it works, and the next time it comes with a 10.5.5.x IP and it does not work.

    Only Laptop from home should receive a 10.5.5.x IP, not Office Computer.

    One more point, but not related to that problem. I had to create an outbound NAT rule on pfSense 2.2.1 to be able to join the LAN on the main office site … Is it normal?




  • No idea?



  • Sorry, I've been busy with work for the last few days.

    Your diagram is missing a couple of key pieces, namely the ISP equipment that gets you your internet connection at both sites and in particular the main office.

    You say the Linux server gets a "Virtual IP's 10.254.0.x", is that its public IP or the tunnel subnet you picked for OpenVPN?

    Can you post the OpenVPN config file for the Linux server and the pfSense Site-Site Client?



  • What are these virtual IPs you are talking about?

    Could it be a NAT issue? One side of the site-2-site that's NATting towards the other end?

