
Author Topic: open vpn site to site and roadwarrior  (Read 908 times)


Offline rajbps

open vpn site to site and roadwarrior
« on: August 24, 2012, 02:22:16 am »
Hi guys,

I have pfsense running and connected to 2 remote offices (site to site connection) without any problem. Then I have the local subnets from those sites pushed down with roadwarrior when someone connects to roadwarrior, and everything worked well till now.

I have a new office that has been connected and works well if I am on the vlan for that office, but roadwarrior will allow a connection to there even though the route is pushed down when connected.


Main office vlans : 0,4,5,6,10,11,23,25,26,27,29

local subnets
1 office vlan 192.168.20.0/24
2 office vlan 10.1.4.0
3 office vlan 192.168.28.0


NO    UDP / 1195    10.0.1.0/24    Local roadworrior
NO    UDP / 1194    10.0.20.0/24    office 1
NO    UDP / 1198    10.0.70.0/24    Office 2
NO    UDP / 1196    10.0.2.0/24    Local backup
NO    UDP / 1197    10.0.28.0/24    Office 3

Here are the routes on the pfsense:

default    x.x.x.x    UGS    0    1698347    1500    bge0    
10.0.1.0/24    10.0.1.2    UGS    0    3060    1500    ovpns1    
10.0.1.1    link#19    UHS    0    0    16384    lo0    
10.0.1.2    link#19    UH    0    0    1500    ovpns1    
10.0.2.0/24    10.0.2.2    UGS    0    0    1500    ovpns4    
10.0.2.1    link#22    UHS    0    0    16384    lo0    
10.0.2.2    link#22    UH    0    0    1500    ovpns4    
10.0.20.1    link#20    UHS    0    0    16384    lo0    
10.0.20.2    link#20    UH    0    0    1500    ovpns2    
10.0.23.0/24    10.0.20.2    UGS    0    0    1500    ovpns2    
10.0.28.1    link#23    UHS    0    0    16384    lo0    
10.0.28.2    link#23    UH    0    0    1500    ovpns5    
10.0.70.1    link#21    UHS    0    0    16384    lo0    
10.0.70.2    link#21    UH    0    0    1500    ovpns3    
10.1.4.0/24    10.0.70.2    UGS    0    0    1500    ovpns3    
x.x.x.x    link#5    U    0    172033    1500    bge0    
x.x.x.x    link#5    UHS    0    0    16384    lo0    
127.0.0.1    link#9    UH    0    206139    16384    lo0    
192.168.0.0/24    link#6    U    0    2588522    1500    bge1    
192.168.0.251    link#6    UHS    0    288    16384    lo0    
192.168.4.0/24    link#17    U    0    0    1500    bge1_vlan4    
192.168.4.251    link#17    UHS    0    0    16384    lo0    
192.168.5.0/24    link#3    U    0    0    1500    em2    
192.168.5.251    link#3    UHS    0    0    16384    lo0    
192.168.6.0/24    link#4    U    0    0    1500    em3    
192.168.6.251    link#4    UHS    0    0    16384    lo0    
192.168.10.0/24    link#11    U    0    0    1500    bge1_vlan10    
192.168.10.251    link#11    UHS    0    0    16384    lo0    
192.168.11.0/24    link#12    U    0    0    1500    bge1_vlan11    
192.168.11.251    link#12    UHS    0    0    16384    lo0    
192.168.20.0/24    10.0.20.2    UGS    0    11355    1500    ovpns2    
192.168.23.0/24    link#13    U    0    12701    1500    bge1_vlan23    
192.168.23.251    link#13    UHS    0    0    16384    lo0    
192.168.25.0/24    link#14    U    0    34399    1500    bge1_vlan25    
192.168.25.251    link#14    UHS    0    0    16384    lo0    
192.168.26.0/24    link#15    U    0    715633    1500    bge1_vlan26    
192.168.26.251    link#15    UHS    0    0    16384    lo0    
192.168.27.0/24    link#16    U    0    514736    1500    bge1_vlan27    
192.168.27.251    link#16    UHS    0    0    16384    lo0    
192.168.28.0/24    10.0.28.2    UGS    0    1254    1500    ovpns5    
192.168.29.0/24    link#18    U    0    31398    1500    bge1_vlan29    
192.168.29.251    link#18    UHS    0    0    16384    lo0    
194.168.4.100    00:14:5e:7e:42:88    UHS    0    47653    1500    bge0    
194.168.8.100    00:14:5e:7e:42:88    UHS    0    47598    1500    bge0



Here is what's being pushed down via roadwarrior:

push "route 192.168.4.0 255.255.255.0";push "route 192.168.5.0 255.255.255.0";push "route 192.168.6.0 255.255.255.0";push "route 192.168.10.0 255.255.255.0";push "route 192.168.11.0 255.255.255.0";push "route 192.168.20.0 255.255.255.0";push "route 192.168.23.0 255.255.255.0";push "route 192.168.25.0 255.255.255.0";push "route 192.168.26.0 255.255.255.0";push "route 192.168.27.0 255.255.255.0";push "route 192.168.28.0 255.255.255.0";push "route 192.168.29.0 255.255.255.0";

If anyone can shed some light on this as to why, when connected via roadwarrior, I can't get to 192.168.28.0/24, which is the office 3 local subnet.

Cheers,

Raj


Offline rajbps

Re: open vpn site to site and roadwarrior
« Reply #1 on: August 25, 2012, 03:48:42 am »
Hi guys, does anyone have any ideas on what could be going wrong, pls?

Offline rajbps

Re: open vpn site to site and roadwarrior
« Reply #2 on: August 25, 2012, 05:56:40 pm »
Sorry guys, checked my config and realised that I forgot to add the route back from the client site to site to the roadwarrior.

Cheers,

Raj
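
The cause found in the last post, a remote site with no route back to the roadwarrior tunnel network (10.0.1.0/24 in the server list above), can be checked mechanically. The Python below is an added example, not part of the original thread; the function names and the remote-office route lists in `REMOTE_ROUTES` are constructed assumptions.

```python
import ipaddress
import re

# From the thread: roadwarrior tunnel network and an excerpt of its pushed routes.
CLIENT_POOL = ipaddress.ip_network("10.0.1.0/24")
PUSH_OPTS = ('push "route 192.168.20.0 255.255.255.0";'
             'push "route 192.168.28.0 255.255.255.0";'
             'push "route 192.168.29.0 255.255.255.0";')
# From the thread's routing table: destination -> outgoing interface.
MAIN_ROUTES = {
    "192.168.20.0/24": "ovpns2",       # office 1
    "192.168.28.0/24": "ovpns5",       # office 3
    "192.168.29.0/24": "bge1_vlan29",  # local VLAN
}
# Constructed (not in the thread): networks each remote office routes
# back into its site-to-site tunnel.
REMOTE_ROUTES = {
    "ovpns2": ["192.168.0.0/24", "10.0.1.0/24"],
    "ovpns5": ["192.168.0.0/24"],  # roadwarrior pool missing
}


def pushed_networks(push_opts):
    """Parse 'push "route NET MASK";' options into ip_network objects."""
    pairs = re.findall(r'push "route ([\d.]+) ([\d.]+)"', push_opts)
    return [ipaddress.ip_network(f"{net}/{mask}") for net, mask in pairs]


def missing_return_routes(push_opts, main_routes, remote_routes, pool):
    """List pushed networks whose remote end cannot route replies to pool."""
    problems = []
    for net in pushed_networks(push_opts):
        iface = main_routes.get(str(net))
        if iface is None or not iface.startswith("ovpns"):
            continue  # not reached over an OpenVPN tunnel, nothing to check
        back = [ipaddress.ip_network(r) for r in remote_routes.get(iface, [])]
        if not any(pool.subnet_of(r) for r in back):
            problems.append((str(net), iface))
    return problems


if __name__ == "__main__":
    for net, iface in missing_return_routes(
            PUSH_OPTS, MAIN_ROUTES, REMOTE_ROUTES, CLIENT_POOL):
        print(f"{net} via {iface}: no return route to {CLIENT_POOL}")
```

A pushed route only tells the roadwarrior client where to send traffic; replies still depend on the far site knowing that 10.0.1.0/24 lives behind its tunnel to the main office.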