Hi everybody,
I just substituted a pfsense box with an opnsense box.
Copied everything from the old ovpn client conf, it goes perfectly up, but it simply doesn't route.
Or, at least, I can't ping remote lan.
Didn't change anything on server side, any-to-any assessed into openvpn tab in firewall rules, log packets set so that I see a green line into the firewall log when I try to ping remote hosts, but I get nothing back.
remote server lan: 10.1.0.0/16
client lan: 10.100.0.0/16
tunnel: 10.31.1.0/24
Netstat -nr is ok
Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS      vtnet0
10.1.0.0/16        10.31.1.1          UGS      ovpnc1
10.31.1.1          link#8             UH       ovpnc1
10.31.1.2          link#8             UHS         lo0
10.100.0.0/16      link#2             U        vtnet1
10.100.1.1         link#2             UHS         lo0
127.0.0.1          link#4             UH          lo0
192.168.1.0/24     link#1             U        vtnet0
192.168.1.2        link#1             UHS         lo0
Any hint is appreciated,
thank you
Is this what you're looking for? Kinda hard to understand if you actually mean site 2 site or ssl warrior... prolly the latter.
Regardless of the 'sense' being used, the same principles apply, so just double check your config against the right tutorial below.
https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html
https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
Sounds not unlike this:
https://forum.opnsense.org/index.php?topic=9916
Basically I'm seeing traffic that should go down the tunnel go out the main WAN interface. Probably something weird with how OpenVPN has its own routing table, or something to do with outbound NAT rules...