Site-2-site routing problem?

kallegr

dear community,

i´ve got a site2site openvpn with 2 pfsense-boxes running.

Site1 Office:

local-lan: 192.168.4.x
pfsense: 192.168.4.1
WAN: 192.168.178.1 (DSL)

Site 2 Remote-Server-Network:
local-lan: 192.168.77.x
pfsense: 192.168.77.254

Clients from office-lan can connect to servers in Site 2 without problems.
Servers in Site 2 can connect to pfsense local-lan-address (192.168.4.1) on Site 1.
Servers in Site 2 cannot connect to printers / clients on Site 1 (192.168.4.99).

traceroute from site 2 (server-network):

C:\>tracert -d 192.168.4.1
Routenverfolgung zu 192.168.4.1 über maximal 30 Abschnitte

  1    <1 ms    <1 ms    <1 ms  192.168.77.254
  2    26 ms    25 ms    25 ms  192.168.4.1

Ablaufverfolgung beendet.

C:\>tracert -d 192.168.4.99

Routenverfolgung zu 192.168.4.99 über maximal 30 Abschnitte

  1    <1 ms    <1 ms    <1 ms  192.168.77.254
  2    26 ms    26 ms    25 ms  [b]192.168.178.1[/b]
  3    40 ms    39 ms    40 ms  217.0.117.216
  4  ^C

if the routing table knows, how to connect to 192.168.4.1, why am i not able to connect to a printer on the same-network interface with ip: 192.168.4.99? (gateway is set correctly to 192.168.4.1 on printer)

thanks, best regards, kallegr

divsys

Do you have a firewall rule under OpenVPN in both pfSense boxes allowing all?

kallegr

@divsys:

Do you have a firewall rule under OpenVPN in both pfSense boxes allowing all?

yes! on both pfsense-boxes are * * * (allow all) rules.

ping to 192.168.4.1 (from server-lan) does work..
ping to 192.168.4.99 (form server-lan) does not work…

johnpoz

well from that trace looks like pfsense is sending it out its wan vs going down the tunnel.

divsys

well from that trace looks like pfsense is sending it out its wan vs going down the tunnel.

Hmmmmmm

OP: Can you post your OpenVPN configs for the Server and the Client?