PFSense - Problem with OpenVPN routing
£200(approx. $251)
Description
Experience Level: Expert
I’m not sure if there’s anyone on here trained and familiar with PFsense firewalls, but I have an issue with setting up an OpenVPN Site to Site SSL/TLS link between two sites.
It all worked fine previously, but after deleting the tunnel and recreating it, the tunnel comes up but routing between the two sites' IP subnets does not work.
Site A (Server) Subnet = 192.168.60.0/24
Site B (Client) Subnet = 192.168.69.0/24
OpenVPN Tunnel Subnet = 10.0.9.0/24
Site A Tunnel IP (Server) = 10.0.9.1
Site B Tunnel IP (Client) = 10.0.9.2
The only odd thing is that in the routing table the server has the following:
10.0.9.0/24 via gateway 10.0.9.2, which is the remote site's Tunnel IP. The remote site has 10.0.9.0/24 via gateway 10.0.9.1. Surely I would expect each site to be the other way round? Access to the 10.0.9.0/24 Subnet from the OpenVPN server should be via its own tunnel IP 10.0.9.1 and the client should be via its own IP 10.0.9.2?
Like I’ve said, the tunnel comes up fine but I cannot ping either site from each site and I cannot ping either side's OpenVPN Tunnel IP Address either from the Ping utility within PFSense or from the command line when SSH’ing into both sites' PFsense instances.
Like I’ve said before, this was all working fine, but after deleting the setup to change the encryption levels to high settings, it now won’t work and I’m completely stuck.
I also have another setup using a different version of PFSense as the server (2.3.2) connecting to remote client PFSense firewalls that are on a mixture of 2.4.x at the remote sites and it all works fine.
Andy H.