OpenVPN S2S - Routing Problem?

Punkte · May 21, 2023, 09:33:36 PM

Hello together,

I already wrote in the german section, but until now I could not fix my problem.

I have a OpenVPN S2S Connection to a Sophos UTM9. The connection is up and working.

I have following networks:
UTM9 Clientside: 192.168.50.0/24 (SSL Server - OpenVPN)
Transportnet 10.242.2.0/24
OPNsense client side 192.168.95.0/24 OpenVPN client

I can ping from:
Clients UTM -> OPNsense Clients and Transportnet etc.
OPNsense default adapter to UTM Clients (I guess its the OpenVPN adapter 10.242.2.x)
OPNsense Clients to OPNsense OpenVPN adapter 192.168.95.1 -> 10.242.2.x

I cant ping:
OPNsense clients to Transportnet UTM Adapter or Clientnet of UTM

The interesting thing is, if I switch of OPNsense Firewall (in the advanced setting) I can ping to all UTM Clients.
This is not possible even with each adapter any to any connection allowed on top of the rules.

I guess its just a small option setting which I cannot find. Does anyone have an idea or solution?

Patrick M. Hausen · May 21, 2023, 10:36:05 PM

What do the firewall rules on your LAN interface look like? Without that information it's hard to help you. My crystal ball is at the shop ;)

Punkte · May 21, 2023, 10:54:04 PM

Except the automatically generated rules, there are 2 rules:

       Protocol   Source   Port   Destination   Port   Gateway   Schedule   Description
Automatically generated rules
        IPv4 *   LAN net   *   *   *   *   *     Default allow LAN to any rule
        IPv6 *   LAN net   *   *   *   *   *     Default allow LAN IPv6 to any rule

The OpenVPN & Floating Rule are the same like IPv4, just with Source any aswell.

OpenVPN S2S - Routing Problem?

Punkte

May 21, 2023, 09:33:36 PM

Patrick M. Hausen

May 21, 2023, 10:36:05 PM #1

Punkte

May 21, 2023, 10:54:04 PM #2 Last Edit: May 21, 2023, 10:56:56 PM by Punkte