Need help setting up a tunnel

jason4785
OpenVpn Newbie
Posts: 1
Joined: Wed Mar 30, 2022 8:58 pm

Post by jason4785 » Wed Mar 30, 2022 9:28 pm

Hello,

Hopefully someone here can see my mistake. I have been trying for 3 days now, without luck, to set up an OpenVPN tunnel between pfSense and a DD-WRT router. I am able to get the tunnel up, but traffic cannot flow from the client LAN to the remote LAN, only from the remote LAN to the client LAN.

Network setup:
Server local LAN 10.0.0.0/24
OpenVPN tunnel LAN 172.16.2.0/30
Client remote LAN 192.168.2.0/24

Routes on the pfSense server with the tunnel up (some lines omitted):
Destination Gateway Flags Use Mtu Netif Expire
default XXX.XXX.XXX.XXX UGS 709657 1500 vtnet0
10.0.0.0/24 link#2 U 37357 1500 vtnet1
10.0.0.1 link#2 UHS 0 16384 lo0
127.0.0.1 link#4 UH 155547 16384 lo0
172.16.2.1 link#7 UHS 0 16384 lo0
172.16.2.2 link#7 UH 0 1400 ovpns1
192.168.2.0/24 172.16.2.2 UGS 4442 1400 ovpns1

Routes on the DD-WRT router:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 vlan2
10.0.0.0 172.16.2.1 255.255.255.0 UG 0 0 0 tun1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
172.16.2.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 br0

According to these rules, as far as I understand, traffic from the client LAN for the 10.0.0.0 subnet is sent to 172.16.2.1, and traffic for 192.168.2.0 to 172.16.2.2.

I have confirmed the following with Wireshark on the client laptop and ntopng on pfSense:
Traffic from pfSense to my client laptop is visible, no reply is sent (172.16.2.1 > 192.168.2.127)
Traffic from the server on the 10.0.0.0 LAN is visible, no reply is sent (10.0.0.2 > 192.168.2.127)
No traffic from the client LAN seems to reach the server LAN.

On DD-WRT I cannot ping the local tunnel IP (.2), but on pfSense I can ping .1.

So I sense an issue on dd-wrt or I am missing something completely here...

Edit: I just found out that I was not allowing ICMP traffic to pass.
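The routing tables in the post are in fact symmetric (each side has a route to the other side's LAN via the tunnel peer), which is why the fault turned out to be a firewall rule rather than a route. The script below is an added example, not code from the poster or from the OpenVPN project: it parses the two tables exactly as pasted above (FreeBSD `netstat -rn` style on pfSense, `route -n` style on DD-WRT) and checks that the site-to-site routes line up, so that a missing or mis-pointed route can be ruled out before looking at firewall policy on the tunnel interface. The function names and the check itself are my own; the LAN and tunnel addresses are the ones given in the post.

```python
"""Check that both ends of a site-to-site OpenVPN tunnel carry matching routes."""
import ipaddress

# Routing tables copied from the forum post (the default gateway on the
# pfSense side is masked as XXX.XXX.XXX.XXX in the post itself).
PFSENSE_ROUTES = """\
Destination Gateway Flags Use Mtu Netif Expire
default XXX.XXX.XXX.XXX UGS 709657 1500 vtnet0
10.0.0.0/24 link#2 U 37357 1500 vtnet1
10.0.0.1 link#2 UHS 0 16384 lo0
127.0.0.1 link#4 UH 155547 16384 lo0
172.16.2.1 link#7 UHS 0 16384 lo0
172.16.2.2 link#7 UH 0 1400 ovpns1
192.168.2.0/24 172.16.2.2 UGS 4442 1400 ovpns1
"""

DDWRT_ROUTES = """\
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 vlan2
10.0.0.0 172.16.2.1 255.255.255.0 UG 0 0 0 tun1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
172.16.2.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
"""


def _gateway(text):
    """Return an ip_address for a real next hop, or None for directly connected
    routes ('link#N', '0.0.0.0') and for the masked default gateway."""
    try:
        gw = ipaddress.ip_address(text)
    except ValueError:
        return None
    return None if gw.is_unspecified else gw


def parse_bsd_routes(text):
    """Parse FreeBSD/pfSense `netstat -rn` output into (network, gateway, iface)."""
    routes = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        dest, gw, iface = fields[0], fields[1], fields[5]
        if dest == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif "/" in dest:
            net = ipaddress.ip_network(dest, strict=False)
        else:                                    # host route, no prefix shown
            net = ipaddress.ip_network(dest + "/32")
        routes.append((net, _gateway(gw), iface))
    return routes


def parse_linux_routes(text):
    """Parse Linux/DD-WRT `route -n` output into (network, gateway, iface)."""
    routes = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        dest, gw, mask, iface = fields[0], fields[1], fields[2], fields[7]
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append((net, _gateway(gw), iface))
    return routes


def _check_side(name, routes, remote_lan, expected_gw):
    """One direction of the check: does `name` route remote_lan via expected_gw?"""
    matches = [r for r in routes if r[0] == remote_lan]
    if not matches:
        return False, f"{name}: no route to {remote_lan}"
    good = [r for r in matches if r[1] == expected_gw]
    if not good:
        return False, (f"{name}: route to {remote_lan} uses gateway "
                       f"{matches[0][1]}, expected tunnel peer {expected_gw}")
    return True, f"{name}: {remote_lan} via {expected_gw} on {good[0][2]}"


def check_site_to_site(server_routes, client_routes, server_lan, client_lan,
                       server_tun_ip, client_tun_ip):
    """Return (ok, findings). ok is True when each side reaches the other
    side's LAN through the tunnel peer; if so, routing is not the problem and
    the next thing to inspect is firewall policy on the tunnel interfaces."""
    server_lan = ipaddress.ip_network(server_lan)
    client_lan = ipaddress.ip_network(client_lan)
    server_tun_ip = ipaddress.ip_address(server_tun_ip)
    client_tun_ip = ipaddress.ip_address(client_tun_ip)
    results = [
        _check_side("server", server_routes, client_lan, client_tun_ip),
        _check_side("client", client_routes, server_lan, server_tun_ip),
    ]
    return all(ok for ok, _ in results), [msg for _, msg in results]


if __name__ == "__main__":
    ok, findings = check_site_to_site(
        parse_bsd_routes(PFSENSE_ROUTES), parse_linux_routes(DDWRT_ROUTES),
        "10.0.0.0/24", "192.168.2.0/24", "172.16.2.1", "172.16.2.2")
    print("\n".join(findings))
    print("routes symmetric, check firewall rules next" if ok else "routing problem")
```

With the tables from the post the check passes in both directions, which matches the poster's own conclusion: the routes were fine and the tunnel-side firewall rules (here, ICMP not being allowed) were what stopped the reply traffic.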
