What should be the routes for Site to Site OpenVpn?

D

Denis Goltsev2015-10-21 08:18:06

linux

Denis Goltsev, 2015-10-21 08:18:06

Good afternoon. There was a task to raise the OpenVPN server and the client to one in the office of the second in the cloud. We decided to use PFSense for this. I've already started doing something, but for some reason I can't ping users within the network. In general, the configuration turned out like this

And on the same network, users - PFsense1 (DMZ, with OpenVPN server) - Asus Router - Internet - Pfsense2 (with OpenVPN client)

. The first thing that did not work was an attempt to ping the users behind the nat from the second PFsense. And it confuses me that I will have to run another OpenVPN server for 2 pf, and then from the server to the client interface from it to VPN 1 and further to the network. It turns out complete abracadabra, can someone share their experience or some thoughts.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

M

Maksim, 2015-10-21
@SqIdWaRd

All correctly wrote complete nonsense.
Give people the right information.
Just a little more information:
1.where are the IP/mask?
2. Do the client and server (openvpn) ping each other?
In the end, draw a diagram - maybe everything will work out in your head.

V

Valentin, 2015-10-21
@vvpoloskin

What should be the routes for Site to Site OpenVpn?

The ones you need. According to the developed address plan and communication scheme.

V

Viktor Maksimov, 2015-10-21
@ValorVl

Usually, OpenVPN configs and a network map with addressing + what should go where are attached to such questions.

O

Oleg Nerwin, 2015-10-21
@Nerwin

For what nat, for nat there can be nothing to respond. If tun is the interface, then on the server, in the client config, there should be iroute network_behind_this_client, in the main config push "route network_behind_server" and route network_behind_client. I don’t remember how to register this with checkmarks in the webmord, text configs rule. And no Nata.