Problem with PING from e to ServerVPN

  • Hello everyone.
    I have a problem of this kind with pfsense, especially with the configuration of OpenVPN

    I state that I inherited and then I followed the logic with which the OpenVPN server were created.

    The network has a firewall in pfsense 192.168.40.X / 24

    The connected network is configured as a server on the TUNNEL
    The certificate has been put on the network firewall B, and the network is a 192.168.42.X / 24

    The machines from both sides pingano regularly.

    Similarly, I have created a new server certificate with TUNNEL
    The network of this, considering it's a PC alone with openvpn on board is dictated by the stick so a 192.168.0.X / 24

    Pc regularly sees the network with all the network PC on which it is connected.
    The PCs within the network instead see only the ip and 46, in practice the ip server and the tunnel client,
    but the machines inside, not pingano the ip address of 192.168.0.x connected PC.

    The route I Subsidiary, diagnosticians / routes, routing pointing correctly to the tunnel gateway.

    Why 2 certificates equal behave differently?

  • If I understand your description, your setup is something like:

    Started with:

    LAN_B–-------[SiteB Client1]-WAN->(OVPN<-WAN-[SiteA Server1]–-------LAN_A
    (                                                                                                          (

    Then you added a new OVPN server on SiteA to give you:

    LAN_B---------[SiteB Client2]-WAN->(OVPN<-WAN-[SiteA Server1]–-------LAN_A
    (                                                                          /      |                        (
                                                                                                          /      |
              LAN_C--------[Other Client2]–-------(OVPN      [SiteA Server2]

    So (B) <-> (A) can communicate fine, but (C) <-> (A) sees only the tunnel address

    This is usually a routing problem in the OpenVPN config.
    What type of server did you create for Server2 (SSL/TLS, Shared Key, Remote)?

Log in to reply