Topic: OpenVPN S2S: client to server OK but server to client fails (Read 971 times)
afan
OpenVPN S2S: client to server OK but server to client fails
« on: January 19, 2023, 09:50:11 pm »
Hi all,
I've set up an OpenVPN Site2Site over the public internet. The VPN connects well, no problems there.
| Name | Remote Host | Virtual Addr | Connected Since | Bytes Sent | Bytes Received | Status |
|---|---|---|---|---|---|---|
| My_OpenVPN UDP:1194 | 79.12.15.170 | 10.9.1.1 | 2023-01-19 20:58:26 | 46 KB | 35 KB | up |
I use 10.9.1.0/24 as tunnel network (per the above) and the subnets at each site are 10.7.1.0/24 (LAN site1) and 10.8.1.0/24 (LAN site2). Site1 runs the OpenVPN server; site2 runs the client.
Firewall rules were set to allow all traffic on the OpenVPN tunnel (regardless of source), at both sides:
| Protocol | Source | Port | Destination | Port | Gateway | Schedule | Description |
|---|---|---|---|---|---|---|---|
| IPv4 * | * | * | * | * | * | * | Allow_OpenVPN_traffic |
On the OPNsense shell of site1, I can ping 10.9.1.1 (local IP address of the tunnel) and 10.9.1.2 (which is the other side/site).
On site2 I can reach site1 just fine (I can ping 10.7.1.0/24 addresses).
However I cannot reach any IP address from site1 to site2 (e.g. 10.8.1.2).
An extract of the routing table of site2 (https://10.8.1.1/ui/diagnostics/interface/routes) shows entries of site1's 10.7.1.0 network:
ipv4 default 79.12.15.1 UGS NaN 1500 vmx0 My_WAN
ipv4 10.7.1.0/24 10.9.1.1 UGS NaN 1500 ovpnc1
ipv4 10.9.1.1 link#8 UH NaN 1500 ovpnc1
ipv4 10.9.1.2 link#8 UHS NaN 16384 lo0 Loopback
ipv4 10.8.1.0/24 link#2 U NaN 1500 vmx1 lan
The same applies for site1 (i.e. site2 routes exist).
I rebooted both sides just in case to no avail.
Any idea where things are going wrong?
« Last Edit: January 19, 2023, 10:57:13 pm by afan »
afan
Re: OpenVPN S2S: client to server OK but server to client fails
« Reply #1 on: January 21, 2023, 07:08:08 pm »
FWIW, the day after things worked fine.
I added some firewall rules at both sides on the LAN to allow the network at the other side. I think this was the solution.
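The rule placement described in the reply, modelled as an added example that is not part of the thread: rules are checked on the interface where a new connection enters each firewall, so a permissive OpenVPN rule does not help if the originating LAN interface does not pass the remote subnet. The LAN rule sets, the `first_drop` helper and the hosts 10.7.1.10 and 10.8.1.10 are assumptions; the thread does not show the LAN rules or say where the failing ping started.

```python
import ipaddress

# Constructed model using the subnets from the post. Each interface holds pass
# rules as (source, destination); unmatched new connections are dropped.
# The LAN rule sets are NOT shown in the thread and are assumed here.
ANY = "0.0.0.0/0"
SITES = {
    "site1": {"routes": {"10.7.1.0/24": "lan", "10.8.1.0/24": "ovpn", ANY: "wan"},
              "rules": {"ovpn": [(ANY, ANY)],
                        "lan": [("10.7.1.0/24", "10.7.1.0/24")]}},
    "site2": {"routes": {"10.8.1.0/24": "lan", "10.7.1.0/24": "ovpn", ANY: "wan"},
              "rules": {"ovpn": [(ANY, ANY)],
                        "lan": [("10.8.1.0/24", ANY)]}},
}

def egress_if(site, dst):
    """Longest-prefix match of dst against the site's routing table."""
    nets = [ipaddress.ip_network(n) for n in SITES[site]["routes"]]
    best = max((n for n in nets if dst in n), key=lambda n: n.prefixlen)
    return SITES[site]["routes"][str(best)]

def passes(site, iface, src, dst):
    """True if any pass rule on the ingress interface matches src and dst."""
    return any(src in ipaddress.ip_network(s) and dst in ipaddress.ip_network(d)
               for s, d in SITES[site]["rules"].get(iface, []))

def first_drop(src_site, dst_site, src, dst):
    """Return (site, stage) where a new connection is dropped, else None.
    Only the initiating direction is checked: replies match the state entry."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if not passes(src_site, "lan", src, dst):
        return (src_site, "lan rules")
    if egress_if(src_site, dst) != "ovpn":
        return (src_site, "route")
    if not passes(dst_site, "ovpn", src, dst):
        return (dst_site, "ovpn rules")
    if egress_if(dst_site, dst) != "lan":
        return (dst_site, "route")
    return None

if __name__ == "__main__":
    print(first_drop("site2", "site1", "10.8.1.10", "10.7.1.10"))
    print(first_drop("site1", "site2", "10.7.1.10", "10.8.1.2"))
    # The change described in the reply: allow the remote LAN on the local LAN.
    SITES["site1"]["rules"]["lan"].append(("10.7.1.0/24", "10.8.1.0/24"))
    print(first_drop("site1", "site2", "10.7.1.10", "10.8.1.2"))
```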