S2s VPN :: WinXP<->Pfsense A COMPLETE MYSTERY
stefanBG last edited by
I have been struggling with VPN too for a while. I have made a successful setup for road warriors and then did a site-to-site from my XP PC to Pfsense, but something must be wrong!!! Because when I ping the Pfsense local net everything is OK, when I ping remote net from Pfsense - OK but!!! I cannot ping remote net from a PC on the Pfsense local net.
My setup is as follows LAN1 (220.127.116.11/24) –VPN gateway(18.104.22.168) ---tunnel--- VPN gateway(22.214.171.124)--LAN2 (192.168.2.0/24)
I can ping 126.96.36.199/24 from 192.168.2.0/24
I can ping 192.168.2.0/24 and 188.8.131.52 from 184.108.40.206
I CANNOT ping 192.168.2.0/24 and 220.127.116.11 from 18.104.22.168
I shall appreciate any help! 10x in advance
Here are my screenshots and configs
My XP openvpn config
remote 22.214.171.124 1194
ifconfig 126.96.36.199 188.8.131.52
route 184.108.40.206 255.255.255.0
server side is with custom options: push "dhcp-option DNS 220.127.116.11";push "redirect-gateway def1";
Please help me find the problem. I don't want to start manually messing with the routing tables.
![27Diagnostics_ Routing.jpg](/public/imported_attachments/1/27Diagnostics_ Routing.jpg)
![28OpenVPN_ Server_ Edi.jpg](/public/imported_attachments/1/28OpenVPN_ Server_ Edi.jpg)
kpa last edited by
The addresses you use for the first LAN 18.104.22.168/24 and the tunnel endpoints 22.214.171.124/24 are not real private RFC 1918 networks. I would change them to, for example, 192.168.170.0/24 and 10.12.0.0/12. Since you're using your XP machine as the other endpoint, you probably have to configure it as a router; by default Windows XP won't do routing.
Edit: push options won't work with a shared key setup in case you're wondering.
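The two points in the reply above (non-RFC 1918 addressing and `push` lines in a shared-key setup) can be checked mechanically. This is an added example, not code from the thread; the function name `lint_static_key_config`, the `secret shared.key` line and both sample configs are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 private blocks. ipaddress.is_private is broader (it also
# covers loopback, link-local and documentation ranges), so test explicitly.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def lint_static_key_config(text):
    """Return findings for an OpenVPN config, one string per problem."""
    rows = [l.split("#", 1)[0].split() for l in text.splitlines()]
    rows = [r for r in rows if r]
    shared_key = any(r[0] == "secret" for r in rows)  # 'secret' = static key mode
    findings = []
    for r in rows:
        if r[0] == "ifconfig" and len(r) >= 3:
            for addr in r[1:3]:
                ip = ipaddress.ip_address(addr)
                if not any(ip in net for net in RFC1918):
                    findings.append(f"tunnel endpoint {addr} is not RFC 1918")
        elif r[0] == "route" and len(r) >= 2:
            mask = r[2] if len(r) > 2 else "255.255.255.255"
            try:
                net = ipaddress.ip_network(f"{r[1]}/{mask}")
            except ValueError:
                findings.append(f"route {r[1]} {mask} is not a valid network")
                continue
            if not any(net.subnet_of(p) for p in RFC1918):
                findings.append(f"routed network {net} is not RFC 1918")
        elif r[0] == "push" and shared_key:
            findings.append("push won't work with a shared key: " + " ".join(r[1:]))
    return findings

# Constructed sample configs (addresses are documentation ranges, not the poster's).
BEFORE = """\
remote 192.0.2.10 1194
ifconfig 198.51.100.1 198.51.100.2
route 203.0.113.0 255.255.255.0
secret shared.key
push "dhcp-option DNS 198.51.100.53"
push "redirect-gateway def1"
"""
AFTER = """\
remote 192.0.2.10 1194
ifconfig 10.12.0.1 10.12.0.2
route 192.168.170.0 255.255.255.0
secret shared.key
"""

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, lint_static_key_config(cfg))
```

A route whose address has host bits set under its netmask is reported as an invalid network rather than silently accepted.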
stefanBG last edited by
So, let's forget about my XP. While trying with my XP I was also trying with a Suse distro using the same settings as in the XP. The Suse is the router of the remote network I would like to connect.
So to accomplish my mission, I need to:
Switch back to PKI - a road warrior setup.
I had that setup and almost no luck with the VPN. While changing settings, the most I got is to ping the remote VPN gateway, but not the network, so no success with s2s VPN! :(
Could it be from the RFC 1918 networks incompatibility???
PS. I was just wondering, can I still ping from the Pfsense network to my XP VPN gateway???