Problems with local connection in peer to peer OpenVPN on pfsense

This is the forum to post your config. Include diagrams, usage graphs, and all the other goodies to show off your network.

Moderators: TinCanTech

vitorc1208
OpenVpn Newbie
Posts: 1
Joined: Wed Sep 14, 2022 6:16 pm


Post by vitorc1208 » Wed Sep 14, 2022 6:27 pm

Before I start talking about the problem, I would like to inform you that I have been looking for a solution to this problem for a long time. I have seen videos, articles, and testimonials on various forums, and some colleagues have also tried to help me.

I performed a site-to-site (OpenVPN) pfSense-to-pfSense configuration to connect two networks, a headquarters to a branch, so that both have access to each other's local network. The connection itself is all OK, established and pinging each other. The client and its users can ping the server's local network smoothly, but the server and its users cannot access or ping the client's local network through the tunnel.

I tried some NAT rules, but without success. I'll post my whole setup to see if anyone can help me understand where I'm going wrong.

Server Settings

```
dev ovpns1
verb 1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 10.158.0.221
tls-server
server 10.54.54.0 255.255.255.0
client-config-dir /var/etc/openvpn/server1/csc
ifconfig 10.54.54.1 10.54.54.2
lport 5454
management /var/etc/openvpn/server1/sock unix
push "route 10.111.0.0 255.255.255.0"
remote-cert-tls client
route 10.112.0.0 255.255.255.0
capath /var/etc/openvpn/server1/ca
cert /var/etc/openvpn/server1/cert
key /var/etc/openvpn/server1/key
dh /etc/dh-parameters.2048
tls-auth /var/etc/openvpn/server1/tls-auth 0
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
data-ciphers-fallback AES-256-CBC
allow-compression no
topology subnet
explicit-exit-notify 1
inactive 300
```

Client Settings

```
dev ovpnc1
verb 1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp4
auth SHA256
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 10.158.0.222
tls-client
client
lport 0
management /var/etc/openvpn/client1/sock unix
remote 10.158.0.221 5454 udp4
ifconfig 10.54.54.2 10.54.54.1
remote-cert-tls server
route 10.111.0.0 255.255.255.0
capath /var/etc/openvpn/client1/ca
cert /var/etc/openvpn/client1/cert
key /var/etc/openvpn/client1/key
tls-auth /var/etc/openvpn/client1/tls-auth 1
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
data-ciphers-fallback AES-256-CBC
allow-compression no
resolv-retry infinite
topology subnet
explicit-exit-notify 1
```

Network diagram: [image not included in this extract]

Server images (screenshots not included in this extract): FirewallLAN, FirewallNAT, FirewallOpenVPN, FirewallWAN, pfTop at ping start, ping to client network.

Client images (screenshot not included in this extract): FirewallNAT.
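The posted server config runs in server mode (`server 10.54.54.0 255.255.255.0` with a `client-config-dir`) and carries `route 10.112.0.0 255.255.255.0`, but no client-config-dir (CCD) contents are shown. In server mode a `route` line only tells the server's kernel to hand traffic for that network to the tun interface; OpenVPN itself still needs an `iroute` for the same network in the connecting client's CCD file to know which client owns it, and without that the server side cannot reach the remote LAN even though the client side can reach the server's LAN. That is exactly the asymmetric behaviour described above, so it is the first thing to verify. The script below is an added example and is not part of the post or of pfSense: it reads the relevant server lines (constructed from the config above) together with a constructed CCD directory, and lists every server-side `route` that no `iroute` covers. The CCD file name `branch-client` is a hypothetical client certificate common name.

```python
"""Find OpenVPN server `route` networks that no client claims via `iroute`.

Added example, not from the forum post. Assumes plain OpenVPN directive
syntax: `route <net> <mask> [...]` in the server config and
`iroute <net> <mask>` in a client-config-dir (CCD) file named after the
client certificate's common name.
"""
import ipaddress
import re
from typing import Dict, List

# Constructed sample: the lines from the posted server config that matter here.
SERVER_CONF = """\
server 10.54.54.0 255.255.255.0
client-config-dir /var/etc/openvpn/server1/csc
push "route 10.111.0.0 255.255.255.0"
route 10.112.0.0 255.255.255.0
topology subnet
"""

# Constructed CCD directory contents, keyed by file name (= client cert CN).
# CCD_EMPTY models a server with no override for the branch client at all;
# CCD_FIXED models the override that claims the branch LAN. "branch-client"
# is a hypothetical CN.
CCD_EMPTY: Dict[str, str] = {}
CCD_FIXED: Dict[str, str] = {"branch-client": "iroute 10.112.0.0 255.255.255.0\n"}


def networks_for(text: str, directive: str) -> List[ipaddress.IPv4Network]:
    """Return the IPv4 networks named by `<directive> <net> <mask>` lines.

    Comment lines are skipped. The anchored match means a `push "route ..."`
    line (a route for the client side) is not mistaken for a server-side route.
    """
    nets: List[ipaddress.IPv4Network] = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(("#", ";")):
            continue
        m = re.match(rf"^{directive}\s+(\S+)\s+(\S+)", line)
        if m:
            # ipaddress accepts a dotted netmask after the slash for IPv4.
            nets.append(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False))
    return nets


def missing_iroutes(server_conf: str, ccd_files: Dict[str, str]) -> List[str]:
    """Server-side routes that no CCD file claims with a covering iroute."""
    claimed = [n for text in ccd_files.values() for n in networks_for(text, "iroute")]
    return [
        str(r)
        for r in networks_for(server_conf, "route")
        if not any(r.subnet_of(c) for c in claimed)
    ]


def suggested_ccd_lines(server_conf: str, ccd_files: Dict[str, str]) -> List[str]:
    """The iroute lines that would have to be added to the client's CCD file."""
    out = []
    for r in missing_iroutes(server_conf, ccd_files):
        net = ipaddress.ip_network(r)
        out.append(f"iroute {net.network_address} {net.netmask}")
    return out


if __name__ == "__main__":
    for label, ccd in (("no CCD file", CCD_EMPTY), ("with iroute", CCD_FIXED)):
        gaps = missing_iroutes(SERVER_CONF, ccd)
        print(f"{label}: routes with no iroute = {gaps or 'none'}")
    print("lines to add to the branch client's CCD file:",
          suggested_ccd_lines(SERVER_CONF, CCD_EMPTY))
```

On pfSense the CCD directory (`/var/etc/openvpn/server1/csc` in the config above) is generated from VPN > OpenVPN > Client Specific Overrides; the "Remote Networks" field of the override for the branch client's certificate common name is what emits the `iroute`, and the override's common name must match that certificate exactly or the file is never consulted. Once the iroute is in place, the branch firewall still needs a pass rule on its OpenVPN interface for traffic from 10.111.0.0/24, which is a separate thing from any NAT rule.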
