Bug #15187
closed
OpenVPN client addresses unreachable despite all rules in place and tunnel being up
Description
Refer to support ticket: https://forum.netgate.com/topic/185705/p2p-vpn-server-can-t-reach-client-but-client-can-reach-server
The issue persists, even when a new OpenVPN server and client are created.
Updated by Jim Pingle 10 months ago
- Status changed from New to Not a Bug
I don't see anything in that thread that suggests it's a bug rather than a misconfiguration somewhere. Keep discussing it in the forum for now. There are many such configurations in the wild which are working perfectly; there must be some aspect of your setup that isn't configured correctly.
Updated by Roland Giesler 10 months ago
As far as I can tell we've exhausted all the options. The routes are correct. The firewall rules allow the traffic. The addresses are not blocked by the sshguard or virusprot tables.
The client pfSense can reach all its local addresses, the server pfSense can reach the tunnel IP on the client, but nothing else on the client.
I have a shared-key P2P tunnel with the same version of pfSense that works perfectly with this setup. With this newly installed pfSense on a new server, it just does not work as expected, with the only configured difference being that the new one is using Peer-to-peer SSL/TLS instead of a shared key.
I will delete the whole machine and reinstall it all, create a new tunnel and then report back.