2 parallel firewall, same Lan, VPN on this fw can not ping sever gateway other

huuich · February 07, 2021, 04:45:47 AM

I have 2 parallel firewall running lastest version 21.1, same Lan like picture attached

On fw 2 can ping File Sever 1 (gateway firewall 1), on fw 1 can ping File Server 2 (gateway firewall 2)

I've configured VPN on firewall 2 follow step by step this doc: https://docs.opnsense.org/manual/how-tos/sslvpn_client.html And almost everything work ok but on Remote Computer I only can ping File Server 2 (gateway fw 2) and can not not ping File Server 1 (gateway firewall 1) though they are on the same Lan.

How can I do to VPN computer on firewall 2 can ping sever gateway firewall 1?

astuckey · May 20, 2021, 07:18:05 PM

This looks like an asymmetrical routing issue.
As the VPN client source address is in a different subnet to 192.168.1.0/24, the response packet of the ping will need to use it's assigned gateway, which is 192.168.1.1, which won't know what to do with the source address of 10.10.0.1.

huuich · June 24, 2021, 04:31:54 AM

Thanks for your reply, so what can I do to fix this?

2 parallel firewall, same Lan, VPN on this fw can not ping sever gateway other

huuich

February 07, 2021, 04:45:47 AM

astuckey

May 20, 2021, 07:18:05 PM #1

huuich

June 24, 2021, 04:31:54 AM #2