Client - Server and Site to Site VPN both pointing to the same local LAN



  • Is this possible with the OpenVPN service in pfSense?  We have an existing Client - Server VPN setup for people to remote in from their home.  Now we have started setting up a second office which we would like to connect back to our first office as well.  Both of these VPNs would be put in touch with 192.168.1.0/24.  I'm having a problem getting the second site to site VPN to work, and it seems like it's stemming from an error where 192.168.1.0 is trying to be added to the routing table, but it fails because it's already in the routing table from the first VPN.  The error message from the server is listed below.

    
    Wed May 11 02:57:12 2016 OpenVPN 2.3.8 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Aug 21 2015
    Wed May 11 02:57:12 2016 library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
    Wed May 11 02:57:12 2016 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/server4.sock
    Wed May 11 02:57:12 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Wed May 11 02:57:12 2016 Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Wed May 11 02:57:12 2016 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed May 11 02:57:12 2016 Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Wed May 11 02:57:12 2016 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed May 11 02:57:12 2016 Socket Buffers: R=[42080->65536] S=[57344->65536]
    Wed May 11 02:57:12 2016 ROUTE_GATEWAY 192.168.0.1
    Wed May 11 02:57:12 2016 TUN/TAP device ovpns4 exists previously, keep at program end
    Wed May 11 02:57:12 2016 TUN/TAP device /dev/tun4 opened
    Wed May 11 02:57:12 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Wed May 11 02:57:12 2016 /sbin/ifconfig ovpns4 192.168.15.1 192.168.15.2 mtu 1500 netmask 255.255.255.255 up
    Wed May 11 02:57:12 2016 /usr/local/sbin/ovpn-linkup ovpns4 1500 1561 192.168.15.1 192.168.15.2 init
    OK
    Wed May 11 02:57:12 2016 /sbin/route add -net 192.168.1.0 192.168.15.2 255.255.255.0
    route: writing to routing socket: File exists
    add net 192.168.1.0: gateway 192.168.15.2 fib 0: route already in table
    Wed May 11 02:57:12 2016 ERROR: FreeBSD route add command failed: external program exited with error status: 1
    Wed May 11 02:57:12 2016 UDPv4 link local (bound): [AF_INET]192.168.0.2:1195
    Wed May 11 02:57:12 2016 UDPv4 link remote: [undef]
    Wed May 11 02:57:27 2016 MANAGEMENT: Client connected from /var/etc/openvpn/server4.sock
    Wed May 11 02:57:27 2016 MANAGEMENT: CMD 'state 1'
    Wed May 11 02:57:27 2016 MANAGEMENT: Client disconnected
    Wed May 11 03:03:23 2016 MANAGEMENT: Client connected from /var/etc/openvpn/server4.sock
    Wed May 11 03:03:23 2016 MANAGEMENT: CMD 'state 1'
    Wed May 11 03:03:23 2016 MANAGEMENT: Client disconnected
    
    


  • In a routed solution, all subnet ranges on both sides have to be unique.
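
The uniqueness rule from the reply above, as an added example that is not part of the original thread and is not pfSense or OpenVPN code: it pulls the rejected route out of the log lines posted above and checks a route plan for overlapping subnets before a tunnel is configured. The names `s2s_tunnel`, `remote_access_tunnel` and their values, and the replacement subnet 192.168.2.0/24, are constructed assumptions.

```python
import ipaddress
import re
from itertools import combinations

# Matches the FreeBSD command OpenVPN logs: route add -net <net> <gateway> <netmask>
ROUTE_ADD = re.compile(r"/sbin/route add -net (\S+) (\S+) (\S+)")

def failed_route_adds(log_text):
    """Return (network CIDR, gateway) for each route add rejected as already in table."""
    failures, pending = [], None
    for line in log_text.splitlines():
        m = ROUTE_ADD.search(line)
        if m:
            net, gw, mask = m.groups()
            pending = (str(ipaddress.ip_network(f"{net}/{mask}")), gw)
        elif "route already in table" in line and pending:
            failures.append(pending)
            pending = None
    return failures

def overlapping_routes(routes):
    """routes: {name: CIDR}. Return the sorted name pairs whose networks overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in routes.items()}
    return sorted((a, b) for a, b in combinations(sorted(nets), 2) if nets[a].overlaps(nets[b]))

# Log lines copied from the post above.
LOG = """\
Wed May 11 02:57:12 2016 /sbin/route add -net 192.168.1.0 192.168.15.2 255.255.255.0
route: writing to routing socket: File exists
add net 192.168.1.0: gateway 192.168.15.2 fib 0: route already in table
Wed May 11 02:57:12 2016 ERROR: FreeBSD route add command failed: external program exited with error status: 1
"""

# Route plan as the log shows it; the two tunnel entries are constructed assumptions.
AS_LOGGED = {
    "lan_main_office": "192.168.1.0/24",     # local LAN named in the post
    "s2s_remote_network": "192.168.1.0/24",  # network the failed route add pointed at
    "s2s_tunnel": "192.168.15.0/30",         # assumed from the 192.168.15.1/.2 endpoints
    "remote_access_tunnel": "10.0.8.0/24",   # constructed value
}
# Same plan with the second office renumbered to a constructed, unique subnet.
FIXED = {**AS_LOGGED, "s2s_remote_network": "192.168.2.0/24"}

if __name__ == "__main__":
    print(failed_route_adds(LOG))
    print(overlapping_routes(AS_LOGGED))
    print(overlapping_routes(FIXED))
```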

