Netgate SG-1000 microFirewall

Author Topic: simple site to site, not even ping the server once connected  (Read 95 times)

0 Members and 1 Guest are viewing this topic.

Offline adv

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
simple site to site, not even ping the server once connected
« on: February 02, 2018, 06:39:39 am »
Hi everybody  :)

I try to figure out something since a couple of days without success. Iím in an IT position, but not network specialist and English is not my native language which doensít facilitate the troubleshooting.

For sure I made some searches on this forum and tried some tutorials even in my native language, but without success so far. I would like to be sure to understand what I do.

Thank you by advance for your help.

Scenario.

At work I have a pFSense 2.4 acting as router, an Internet Access (static public IP) on WAN, few computers on LAN on 192.168.2.0/24

At home I have an Internet access and a Synology NAS acting as OpenVPN server, on network 192.168.1.0/24, VPN clients get 10.8.0.0/24

I would like, from the LAN at work on 192.168.2.0/24, access home resources on 192.168.1.0/24
Itís working fine with OpenVPN Gui (on the Synology I checked the box to ę enable access to local nework Ľ).

I would like to build a simple site to site so no need to use OpenVPN Gui anymore.

In VPN client / Tunnel settings I put :
IPv4 Tunnel Network : 10.8.0.0/24
IPv4 Remote network(s) : 192.168.1.0/24
Settings as General Information / User auth / Cryptographic are correct as Iím connected: picture attached

I created a rule Firewall / OpenVPN : picture attached

Here is what I have in Firewall / NAT / Outbound, I understood it could be important... : picture attached

Here is a ping from OpenVPN virtual interface to the VPN server (10.8.0.5) :

I'm sure I missed a step, and it's probably obvious for you but... I'm blocked...

Thank you for your good advices.

Antoine.

« Last Edit: February 03, 2018, 05:06:18 pm by adv »

Offline adv

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: simple site to site, not even ping the server once connected
« Reply #1 on: February 03, 2018, 05:19:20 pm »
Hi gentlemen,

not able to figure out so far...

However my route table seems fine doesn't it ?  ???

Sure I'm not far from the end, seems so simple, did I miss something ?

Thanks.