OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: carrista on April 10, 2018, 12:52:10 pm

Title: OpenVPN Client problem
Post by: carrista on April 10, 2018, 12:52:10 pm
Hello to Everyone,

I have 3 offices that I need to connect together.

Office n. 1 is the main one, with a WatchGuard XTM 330 as an SSL VPN Server, with 192.168.1.0/24 as subnet and 192.168.113.0/24 as tunnel network.

Office n. 2 has an OPNsense 18.1.5 installed in a VM on top of a Proxmox 5.0 (KVM) with 2 adapters, and is the main FW for 192.168.3.0/24, connected with OpenVPN Client to Office n. 1. I also set up on it an OpenVPN Server for testing purposes.

Office n. 3 has an OPNsense 18.1.5 installed in a VM on top of a Proxmox 5.0 (KVM) with 2 adapters, and is the main FW for 192.168.10.0/24. It has OpenVPN Client connected to Office 1 (WatchGuard SSL VPN Server) and Office 2 (OpenVPN Server).

From Office 3's perspective, if I ping Office 2 or Office 1, either WatchGuard or OpenVPN, often it does not work at all on the first try. But if I try 3 seconds later, it works. After 3 sec, it doesn't work again. It seems like a routing problem, but I checked all routes, gateways and firewall rules and everything seems to be correct.
This setup sometimes works, sometimes not.
Check this real example:

marco@desktop:~$ date
mer  4 apr 2018, 12.19.43, CEST
marco@desktop:~$ ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1) 56(84) bytes of data.
^C
--- 192.168.3.1 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5123ms

marco@desktop:~$ date
mer  4 apr 2018, 12.19.51, CEST
marco@desktop:~$ ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1) 56(84) bytes of data.
64 bytes from 192.168.3.1: icmp_seq=1 ttl=63 time=19.9 ms
64 bytes from 192.168.3.1: icmp_seq=2 ttl=63 time=20.6 ms
64 bytes from 192.168.3.1: icmp_seq=3 ttl=63 time=20.2 ms
64 bytes from 192.168.3.1: icmp_seq=4 ttl=63 time=20.1 ms
64 bytes from 192.168.3.1: icmp_seq=5 ttl=63 time=22.6 ms
^C
--- 192.168.3.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 19.943/20.722/22.640/0.991 ms

This also happens between Office 2 and Office 1.

Previously I had used pfSense and I never experienced anything like that.
If I connect to Office 1 with OpenVPN client on devices, everything works fine.

Any suggestions on this issue?

Thank you

Marco