A capture on the site A OpenVPN interface captures echo and reply messages between the 2 sides of the tunnel. Trying from a computer on the B network, a packet capture on site A LAN does not capture anything. The B network is 192.168.5.0/24 with the gateway as. Here is the routing table for my computer on the B network. These allow me to connect to the pfSense boxes when using IPSec VPN.

Any ideas on what I'm doing wrong? I suspect the NAT rule - mostly because I've never been quite able to wrap my mind around how those work. There are other Outbound NAT rules for B's network/24 but they are for specific addresses (both pfSense boxes). I've tried the destination as both "any" and "this firewall" with the same results. I can ping from the pfSense B to various addresses on the A network.

B has an allow all firewall rule on the Open VPN tab.
A has an allow all firewall rule on the Open VPN tab.
A has an allow all firewall rule for port 1195 on the WAN1 tab.

A computer on the B network can ping both sides of the private VPN network (10.0.27.1 and 10.0.27.2). The status page indicates that the VPN is connected, but I am unable from a computer on the B network to ping anything on the A network. I've triple-checked the OpenVPN settings between client and server and they match. I'm trying to get the VPN running on WAN1.

Plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn

It sounds like InstantGuard is a newer technology also, which mine does not my config.ovpn already has push "route 192.168.1.0 255.255.255.0 vpn_gateway 500" plus the one for my hub IP that you had me is that your entire config.ovpn? Mine has tons of more settings. I wish I could use wireguard based on what I have read on these forums, but my firmware does not support it (and I doubt it will ever). It worked fine, but with DNS and DHCP servers (two Synology NAS with DHCP and DNS servers on both networks), I decided to change to TUN. I have made a VPN tunnel between two routers with TAP interface.
SmallNetBuilder Forums Asus Openvpn Site-to-Site config with Tun can't access client network computers

The user on that thread is very knowledgeable. Here is an old thread about it on the Asus-Merlin forums with another way of setting up using the client config. That is where the route would go (I just pasted it into mine for an example) Do you have a "Custom Configs" section at the bottom of the page like this: I remember having to add something like this to my old router, not sure if the OpenVPN implementation was broken or what. This is supposed to push a route to the clients that anything for 192.168.1.x should connect to the vpn_gateway which will get translated to your router IP when the config loads. If you can SSH to your router, run: cat /etc/openvpn/server1/config.ovpn

For me there is a push route in there already which reads: