Routing problem

  • I have 2 OpenVPN tunnels, site-to-site. DD-WRT on one side, Pfsense on the other. Both tunnels end on the PFSENSE.

    Clients from each tunnel can ping LAN and can ping each other via Pfsense.

    Basically picture is:

    DD-WRT <---> PFSENSE <---> DD-WRT

    What I cannot achieve is to route traffic to a certain site from DD-WRT to PFSENSE.

    Basically what I try to achieve is DD-WRT --> PFSENSE -->

    I route the things to PFSENSE successfully, but I cannot route to yahoo after that.

    It is a "shared key" OpenVPN setup, so I cannot PUSH ROUTES.

    Any ideas?



  • One note: I have 2 WANs (no failover), just an option for DD-WRT to connect through a different ISP to the PFSENSE box…

  • Any hint? All I am trying to do:

    DD-WRT --> PFSENSE -->

    Rest of the internet to be accessible from DD-WRT without VPN.

    I cannot solve the routing on the pfsense side. Any ideas?



  • Probably need to add NAT rules for the subnets behind the tunnels.

  • Thanks, heper! Your post helped me a lot. I had the same suspicion, but got scared by the new 2.2 advanced routing screen :-)

    For anyone in the future who might have the same problem.

    On Pfsense 2.2, go to NAT -> Outbound NAT.

    Switch to Hybrid NAT.

    Add an entry on WAN (most likely) for NAT. Source should be your OpenVPN LAN of the remote site. Please keep in mind that in my case there was NO NAT (on purpose) between the OpenVPN remote LAN and the tunnel net. In case you have such NAT, you might need to change the advanced NAT rule so that the source is the tunnel net.
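
Added example, not part of the original thread: the outbound NAT entry described in the last post, written as the kind of pf rule it corresponds to, for both cases the poster mentions. The interface name and all subnets are constructed assumptions.

```pf
# Constructed values (assumptions, not taken from the thread):
#   em0              WAN interface on the pfSense box
#   192.168.20.0/24  LAN behind the remote DD-WRT
#   10.0.8.0/30      OpenVPN shared-key tunnel network

# Case 1 (the poster's setup): DD-WRT does NOT NAT its LAN into the tunnel,
# so packets reach pfSense with their original LAN source address.
# The outbound NAT entry must therefore match the remote LAN.
nat on em0 inet from 192.168.20.0/24 to any -> (em0)

# Case 2: DD-WRT translates its LAN behind its tunnel address, so pfSense
# only ever sees tunnel-net sources. Match the tunnel network instead.
nat on em0 inet from 10.0.8.0/30 to any -> (em0)

# In either case, scope the source to the one subnet that should leave
# through this WAN; a broader source translates traffic from other tunnels
# or sites that was never meant to egress here.
#
# To list the NAT rules actually loaded on the box:  pfctl -s nat
```

Only one of the two rules applies to a given setup; which one depends on whether the remote router translates its LAN traffic before it enters the tunnel.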

