Weird Site to Site Openvpn Problem

  • Hello to everyone,
    I'm experiencing a weird problem with a multi-wan site-to-site OpenVPN.

    To make it short, I can access from the client lan ( to the server lan ( via a tunnel ( without a problem (a bit slow maybe), but not vice-versa; it just loads forever.

    The weird thing is that from the server lan I can ping all the devices, and I can also see the default page from an Apache server on the client side, but that's all I can do. No ssh, no dynamic pages, no samba shares. I cannot access the client side pfSense GUI either.

    My current configuration is multi wan on the server side with the vpn

    This is the server config

    This is the client config

    On the server side the interface is configured as localhost because of the multiwan; there is a port forwarding:

    EOLO	UDP	*	*	EOLO address	500 (ISAKMP)	500 (ISAKMP)	Eolo VPN multiwan 	
    VODAFONE20MB	UDP	*	*	Vodafone address	500 (ISAKMP)	500 (ISAKMP)	Vodafone 20MB VPN multiwan 

    There are also rules about opening port 500 on both routers (and on both multiwan connections).

    What did I forget to check?

    Thank you in advance

  • Change your subnet on both PfSense boxes for the IPv4 Tunnel network to /24

    So instead of do

    Try that.

    Also, make sure you have an allow firewall rule for the OpenVPN interface on each PfSense.

    Lastly, why are you using DES-CBC 64bit????


  • To be honest I don't know why it is set with such an algorithm  :o . I changed it to a more standard AES. I tried to change the network mask to 24 but nothing changed.
    For the firewall rules:
    How should they be set? Is an "allow all" rule in both the OpenVPN tabs not enough?

    Thank you

    Update: it now works, but the connection goes down every hour or so and hangs on ping-reconnect.
    Also, I found a crash report when logging into the server:
    Any advice about what to check?

    Thank you
