Netgate Discussion Forum

    Site2Site + Remote VPN

    OpenVPN
    • akletke

      This is my first post as I can generally find the info I need by searching. I have yet to figure this out.

      I have two sites. Let's say Site A and Site B. I've had an OpenVPN Site2Site VPN running for several years now without any issues. To increase security I'd like to close down ports that are allowing for RDP access and other various services by providing a remote OpenVPN server so that users can connect and see all resources on both sites.

      Current setup is Site A is the Site2Site "Server" and Site B is the Site2Site "Client". Everything works great here.

      I set up a Remote OpenVPN that connects to Site B. Everything works there… sort of... I can connect, I can RDP into desktops at Site B but not Site A. I can ping some devices and not others. I can ping the gateway at Site B (192.168.3.1), I cannot ping the pfSense box at Site A (192.168.2.1) or anything else on that site. I can ping servers and desktops at Site A but cannot ping/telnet switches (I'm assuming that is some ACLs I have set up on those.)

      Any help on the rules and whatnot I need to set up for these remote clients to see Site A would be appreciated.

      • Jakeyg

        Could it be this in your OpenVPN settings?

        Inter-Client Communication: Allow communication between clients connected to this server.

        Just a guess?

        • akletke

          Nope… tried both with that option checked and unchecked. I have a feeling it's a firewall rule but have no idea what I would need to allow.

          • akletke

            Got it figured out…

            Site A uses 192.168.2.0/24
            Site B uses 192.168.3.0/24
            Site2Site Tunnel uses 192.168.0.0/24
            RemoteVPN Tunnel uses 192.168.1.0/24

            I had to add the RemoteVPN's subnet in my Site2Site server setting: Tunnel Settings > IPv4 Remote Network/s (192.168.3.0/24, 192.168.1.0/24)

            And voilà!

            God I love this software...

            • Jakeyg

              Good work. It really is amazing, isn't it :)

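Added example, not part of the thread: a small Python model of why Site A could not answer RemoteVPN clients until 192.168.1.0/24 was listed under IPv4 Remote Network/s on the Site2Site server. The interface names, the default route via WAN and the mapping of each Remote Network entry to a tunnel route are assumptions made for illustration; the subnets are the ones quoted in the thread.

```python
import ipaddress

# Subnets quoted in the thread.
SITE_A_LAN = ipaddress.ip_network("192.168.2.0/24")
SITE_B_LAN = ipaddress.ip_network("192.168.3.0/24")
S2S_TUNNEL = ipaddress.ip_network("192.168.0.0/24")
REMOTE_VPN = ipaddress.ip_network("192.168.1.0/24")


def site_a_routes(remote_networks):
    """Site A routing table as (network, interface) pairs.

    Assumptions: interface names are hypothetical, the default route leaves
    via WAN, and every Remote Network entry becomes a route into the tunnel.
    """
    routes = [
        (ipaddress.ip_network("0.0.0.0/0"), "WAN"),
        (SITE_A_LAN, "LAN"),
        (S2S_TUNNEL, "site2site"),
    ]
    routes += [(ipaddress.ip_network(n), "site2site") for n in remote_networks]
    return routes


def egress(routes, dst):
    """Longest-prefix match: the interface Site A uses to reach dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def missing_return_routes(remote_networks, sources):
    """Source subnets whose replies would not go back through the tunnel."""
    routes = site_a_routes(remote_networks)
    return [
        str(src) for src in sources
        if any(egress(routes, a) != "site2site" for a in (src[0], src[-1]))
    ]


if __name__ == "__main__":
    sources = [SITE_B_LAN, REMOTE_VPN]  # subnets that reach Site A via Site B
    before = ["192.168.3.0/24"]  # setting before the fix (implied by the thread)
    after = ["192.168.3.0/24", "192.168.1.0/24"]  # setting from the thread
    print("before:", missing_return_routes(before, sources))
    print("after: ", missing_return_routes(after, sources))
```

The route only supplies the return path; the firewall rules on the OpenVPN interfaces still decide which hosts and ports those remote clients may reach.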