OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: PotatoCarl on April 26, 2018, 06:21:25 pm

Title: Routing Problem with various IPSec networks- How to solve?
Post by: PotatoCarl on April 26, 2018, 06:21:25 pm
Hi,
I have a setup with OPNsense where several IPsec and OpenVPN networks connect. While the connection from the main network to the VPNs and back works fine, I cannot route from one VPN into another.

I have allowed all the IPs etc., and the ping for example arrives well, but then kind of stops.

A similar, and maybe related, problem is that I have a virtual machine under KVM on one host, to which I can connect from the network it is in, but not from any of the VPNs.

So what I have is:

192.168.1.0/24 -IPSEC/VPN-> 192.168.2.0/24, 192.168.3.0/24 (different outposts)

What I can do is

192.168.1.0/24 <-VPN-> 192.168.x.0/24

What I want to do (and cannot) is:

192.168.x.0/24 <-VPN-> via 192.168.1.1 (router) <-VPN-> 192.168.y.0/24

The second problem would be (if it is not related, ignore it):

192.168.x.0/24 <-VPN-> via 192.168.1.1 (router) <-local network-> 192.168.1.x (specific IP address of a VM)

I have now turned, screwed and broken any knobs I could find and wonder if my problem is related to the firewall here.

Thank you for your input.

Title: Re: Routing Problem with various IPSec networks- How to solve?
Post by: mimugmail on April 26, 2018, 08:38:37 pm
Your SA setup is really confusing. Can you post a screenshot of all P1 and P2 overview?

Title: Re: Routing Problem with various IPSec networks- How to solve?
Post by: PotatoCarl on April 26, 2018, 09:28:37 pm
What is a P1 and P2 overview and where can I find it?

Title: Re: Routing Problem with various IPSec networks- How to solve?
Post by: mimugmail on April 26, 2018, 10:42:58 pm
VPN - IPSec - Tunnel Settings - Expand Phase2 and make a screenshot of the whole page.

Title: Re: Routing Problem with various IPSec networks- How to solve?
Post by: PotatoCarl on May 28, 2018, 06:01:49 pm
Sorry for the late reply. I was travelling.

https://owncloud.brace.de/owncloud/index.php/s/TxOdnlxxfIwU38X
password: 123opnsense

Does this help?

As said, my IPSec connection does not get forwarded behind the firewall. I.e. I can access all servers in the network of the server (192.168.1.0/24), but not "behind that", i.e. other VPNs.

There is also one server (KVM virtual machine) in the server network that cannot be accessed outside the local network.

I assume that is a routing problem. Inserting the routes to the static route page did not help, but maybe I did something wrong.