Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
openvpn peer to peer ssl workaround
« previous
next »
Print
Pages: [
1
]
Author
Topic: openvpn peer to peer ssl workaround (Read 1034 times)
hboetes
Newbie
Posts: 13
Karma: 3
openvpn peer to peer ssl workaround
«
on:
January 15, 2019, 03:16:50 pm »
After hours of fiddling with a peer to peer SSL that did not work, whereas a peer to peer with shared key did work the following workaround:
Set the tunnel network to a /30
Let me explain: First I set the tunnel network to a /24, and then I noticed the IP on the client side of the tunnel was 10.3.0.6 and 5 and on the server side of the tunnel it was 10.3.0.1 and 2 and the route from the server to the client was pointed at 10.3.0.2.
So then I added the option topology30, which fixed the IP addresses, but no traffic was possible to the client.
After that I came up with a clever workaround, use a /30 for the tunnel network and disable the topology30 option. And... lo and behold... I got my SSL encrypted site to site working.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
openvpn peer to peer ssl workaround
