OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: Maarten on October 01, 2018, 09:23:53 am

Title: Connecting Sites via openvpn and policy routing
Post by: Maarten on October 01, 2018, 09:23:53 am
Hi,

I've got a problem when connecting sites together via policy routing.

I've connected my sites as shown in the attached image, and the problem is I can't ping from "Site B" to "Site C" and visa versa.
The Ping request does reach the host at "Site C", and the ping reply travels back over the tunnel, but "Site A" decides to route the ping reply over the default gateway instead of the tunnel to "Site B". This is the case in both directions. So the policy routing seems to be setup correctly.

What can be the problem here?
Title: Re: Connecting Sites via openvpn and policy routing
Post by: mimugmail on October 01, 2018, 10:05:08 am
Site A, Interface : WAN ... Check that Upstream is Off or Auto
Title: Re: Connecting Sites via openvpn and policy routing
Post by: Maarten on October 01, 2018, 03:48:17 pm
Hi, thanks for the reply, going to check it out
Title: Re: Connecting Sites via openvpn and policy routing
Post by: Maarten on October 03, 2018, 12:34:51 pm
Problem when I remove the default gateway and set the wan interface upstream to auto is that openvpn does not have a return path, and the log floods with:

openvpn[49033]: write UDPv4: No route to host (code=65)

Title: Re: Connecting Sites via openvpn and policy routing
Post by: mimugmail on October 03, 2018, 03:58:04 pm
You dont have to remove default gateway, only set upstream to auto ..
Title: Re: Connecting Sites via openvpn and policy routing
Post by: Maarten on October 04, 2018, 08:39:18 am
ah ok, just tried that, but the result remains the same.
Title: Re: Connecting Sites via openvpn and policy routing
Post by: mimugmail on October 04, 2018, 08:43:28 am
Regarding the speed?
Title: Re: Connecting Sites via openvpn and policy routing
Post by: Maarten on October 04, 2018, 08:50:58 am
no, the ping reply being routed out over the wan adapter. (image of the first post)
Title: Re: Connecting Sites via openvpn and policy routing
Post by: mimugmail on October 04, 2018, 10:40:02 am
Can you post the routing table and a screenshot of openvpn status, on both all networks should be listed.