OPNsense Forum
English Forums => General Discussion => Topic started by: verdi on February 15, 2019, 01:05:53 am
-
Hi,
i have an OPNSense Installation with IP Net 192.168.23.0/24 with a Site2Site IPSec VPN to a Fritzbox with IP Net 192.168.24.0/24
I can reach all 192.168.24.0/24 clients from my 192.168.23.0/24 clients
Works fine!
I also have a OpenVPN Server for mobile devices which get 192.168.25.0/24 IP addresses.
Works fine!
I can reach all 192.168.23.0/24 addresses from the Road Warrior client.
But i can't reach any of the 192.168.24.0/24 clients from any of the 192.168.25.0/24 Road Warrior clients.
Traceroutes from the 192.168.25.0/24 clients show that the request to 192.168.24.0/24 get routed to WAN on the OPNsense box.
Rules for OpenVPN are: source 192.168.25.0/24 -> * -> GW default ( i can't set IPSec connection here )
How can i fix it?
greets
Marcel
-
Add a static route on the Fritzbox for 192.168.25.0/24 via OPNsense
Bart...
-
hi
i can already see on the openvpn client that the opnsense routes it wrin. see attachment
greets
Marcel
-
i found a route under system->routes->status
destination 192.168.24.0/24
gateway 84.x.x.x. ( my WAN IP )
but how can i find out who set this route? because that's obviously cuasing the problem ... it comes from 192.168.25.x ( openvpn client ) and then firewall looks at route an sends it through wan. exactly what i am seeing on my client
edit: route was set by phase 2 of the ipvsec site2site connection. Under advanced config you can set "don't add routes' then it disappears in the routing table but i can't add a proper static route then because i can't choose ipsec as gateway
-
Hello Marcel,
have you found a solution for your problem? I think I am struggling with the same problem. Would be nice to hear from you.
Greeting
Suhel