    Site2Site + Remote VPN

    OpenVPN
    • A
      akletke last edited by

      This is my first post as I can generally find the info I need by searching. I have yet to figure this out.

      I have two sites. Let's say Site A and Site B. I've had an OpenVPN Site2Site VPN running for several years now without any issues. To increase security I'd like to close down ports that are allowing for RDP access and other various services by providing a remote OpenVPN server so that users can connect and see all resources on both sites.

      Current setup is Site A is the Site2Site "Server" and Site B is the Site2Site "Client". Everything works great here.

      I set up a Remote OpenVPN that connects to Site B. Everything works there… Sort of... I can connect, I can RDP into desktops at Site B but not Site A. I can ping some devices and not others. I can ping the gateway at Site B (192.168.3.1), I cannot ping the pfSense box at Site A (192.168.2.1) or anything else on that site. I can ping servers and desktops at Site A but cannot ping/telnet switches (I'm assuming that is some ACLs I have set up on those.)

      Any help on the rules and whatnot I need to set up for these remote clients to see Site A would be appreciated.

      • J
        Jakeyg last edited by

        Could it be this in your OpenVPN settings?

        Inter-Client Communication: Allow communication between clients connected to this server.

        Just a guess?

        • A
          akletke last edited by

          Nope… tried both with that option checked and unchecked. I have a feeling it's a firewall rule but have no idea what I would need to allow.

          • A
            akletke last edited by

            Got it figured out…

            Site A uses 192.168.2.0/24
            Site B uses 192.168.3.0/24
            Site2Site Tunnel uses 192.168.0.0/24
            RemoteVPN Tunnel uses 192.168.1.0/24

            I had to add the RemoteVPN's subnet in my Site2Site server setting: Tunnel Settings > IPv4 Remote Network/s (192.168.3.0/24, 192.168.1.0/24)

            And voilà!

            God I love this software...

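The fix in the post above is a return-route problem: Site A only sends replies into the Site2Site tunnel for subnets listed under IPv4 Remote Network/s. The following is an added example, not part of the original thread and not pfSense code, that models Site A's routing with the thread's subnets and reports which source subnets have no route back. The route labels, function names, and the assumption that the setting previously held only 192.168.3.0/24 are illustrative.

```python
import ipaddress

# Subnets as stated in the thread.
SITE_A_LAN = "192.168.2.0/24"
SITE_B_LAN = "192.168.3.0/24"
REMOTE_VPN = "192.168.1.0/24"   # tunnel network of the remote-access server at Site B


def build_routes(local_lan, remote_networks):
    """Model a firewall's routes: its own LAN plus every subnet listed in
    the Site2Site 'IPv4 Remote Network/s' field (labels are hypothetical)."""
    routes = [(ipaddress.ip_network(local_lan), "lan")]
    routes += [(ipaddress.ip_network(n), "s2s-tunnel") for n in remote_networks]
    return routes


def lookup(routes, addr):
    """Longest-prefix match; unmatched traffic follows the default route."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, hop) for net, hop in routes if ip in net]
    if not matches:
        return "wan-default"
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def missing_return_routes(routes, source_subnets):
    """Source subnets whose replies would NOT go back through the tunnel."""
    missing = []
    for subnet in source_subnets:
        first_host = ipaddress.ip_network(subnet).network_address + 1
        if lookup(routes, first_host) != "s2s-tunnel":
            missing.append(subnet)
    return missing


# Assumed 'before' state: only Site B's LAN listed on the Site A server.
before = build_routes(SITE_A_LAN, [SITE_B_LAN])
# 'After' state as given in the post.
after = build_routes(SITE_A_LAN, [SITE_B_LAN, REMOTE_VPN])
# Everything that reaches Site A through the tunnel.
sources = [SITE_B_LAN, REMOTE_VPN]

if __name__ == "__main__":
    print("before fix, no return route for:", missing_return_routes(before, sources))
    print("after fix, no return route for: ", missing_return_routes(after, sources))
```
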
            • J
              Jakeyg last edited by

              Good work. It really is amazing, isn't it :)
