Netgate Discussion Forum

    Mobile Clients w/Peer to Peer - Connected, but not passing traffic?

      jrichards555

      I've got firewall A which has OpenSSL mobile clients running and that part is working fine. I've got firewall B that I need to connect with a peer to peer connection, so I chose to set up firewall A as an OpenVPN client with a pre-shared key per these docs: https://doc.pfsense.org/index.php/OpenVPN_Site_To_Site

      The peer to peer tunnel appears to be connected - both sides are reporting the connection and traffic in/out counters are increasing with time. However, I cannot seem to make a connection from a server behind firewall A to a server behind firewall B. I started with some firewall rules troubleshooting, but nothing is showing up in the logs (I'm assuming nothing there means traffic is passing).

      Has anyone else done this and if so, how did you configure it? Or is there a better way to do this? I don't care how I make the tunnel (IPSec, OpenVPN, etc.) just as long as it's made. Attached are screenshots of my configs.
      ![Firewall A.jpg](/public/imported_attachments/1/Firewall A.jpg)
      ![Firewall B.jpg](/public/imported_attachments/1/Firewall B.jpg)

        jrichards555

        I've done some additional diagnostics and found that, after much trial and error, firewall B is seeing traffic (I shut off all rules, added an easy pass rule and logged it) and then verified it with a packet capture. However, even with Windows firewall turned off (and the port open), I'm not seeing a response from the server, like it's still not getting to it...
