Text only | Text with Images

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: huuich on February 07, 2021, 04:45:47 AM

Title: 2 parallel firewall, same Lan, VPN on this fw can not ping sever gateway other
Post by: huuich on February 07, 2021, 04:45:47 AM
I have 2 parallel firewall running lastest version 21.1, same Lan like picture attached

(https://i.imgur.com/UpqqMxg.png)

On fw 2 can ping File Sever 1 (gateway firewall 1), on fw 1 can ping File Server 2 (gateway firewall 2)


I've configured VPN on firewall 2 follow step by step this doc: https://docs.opnsense.org/manual/how-tos/sslvpn_client.html And almost everything work ok but on Remote Computer I only can ping File Server 2 (gateway fw 2) and can not not ping File Server 1 (gateway firewall 1) though they are on the same Lan.

How can I do to VPN computer on firewall 2 can ping sever gateway firewall 1?
Title: Re: 2 parallel firewall, same Lan, VPN on this fw can not ping sever gateway other
Post by: astuckey on May 20, 2021, 07:18:05 PM
This looks like an asymmetrical routing issue.
As the VPN client source address is in a different subnet to 192.168.1.0/24, the response packet of the ping will need to use it's assigned gateway, which is 192.168.1.1, which won't know what to do with the source address of 10.10.0.1.
Title: Re: 2 parallel firewall, same Lan, VPN on this fw can not ping sever gateway other
Post by: huuich on June 24, 2021, 04:31:54 AM
Thanks for your reply, so what can I do to fix this?
Text only | Text with Images