Author Topic: openvpn peer to peer ssl workaround  (Read 1712 times)

hboetes

« on: January 15, 2019, 03:16:50 pm »
After hours of fiddling with a peer to peer SSL that did not work, whereas a peer to peer with shared key did work, I found the following workaround:

Set the tunnel network to a /30

Let me explain: first I set the tunnel network to a /24, and then I noticed the IP on the client side of the tunnel was 10.3.0.6 and 5, and on the server side of the tunnel it was 10.3.0.1 and 2, and the route from the server to the client was pointed at 10.3.0.2.

So then I added the option topology30, which fixed the IP addresses, but no traffic was possible to the client.

After that I came up with a clever workaround: use a /30 for the tunnel network and disable the topology30 option. And... lo and behold... I got my SSL encrypted site to site working.
