Site to Site with pfSense

killmasta93
DD-WRT User


Joined: 13 Feb 2015
Posts: 112

Posted: Sun Mar 19, 2017 0:07    Post subject: Site to Site with pfSense
Hi, I was wondering if someone has successfully accomplished site to site where pfSense is running the OpenVPN server and the client is DDWRT (R7000 Kongac). I was looking around many guides, and most of them show DDWRT running the server. This is what I got so far, see pictures.

The idea is I need Site A (pfSense server) to ping Site B (DDWRT client), because on Site B I have a NAS which needs to be able to ping one of the servers which is in Site A.

Thank you

_________________
Tutorials:

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=280622&highlight=
killmasta93

Posted: Mon Mar 20, 2017 1:12
Thanks for the reply. I ended up changing a bit of everything; I was looking around and found on the pfSense forums a person who did a script

http://pastebin.com/nzCkm5dL

Then add these rules to the firewall on DDWRT

iptables -I INPUT 2 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

Then on pfSense I see it gets connected, which is great

http://imgur.com/a/hwSTn

but I cannot ping from pfSense to DDWRT or vice versa, but the status shows this http://imgur.com/FB4DoqW

and changed my pfSense config

http://imgur.com/0b8znzB

Thank you again

killmasta93

Posted: Mon Mar 20, 2017 22:07
Thank you for the reply, you were completely right, it was an issue with the CA cert on pfSense. Right now everything seems to be connected correctly. What's odd is that the Nighthawk DDWRT can ping pfSense but pfSense cannot ping DDWRT. Might that be something with iptables? Or does it have something to do with pfSense also?

Thank you

killmasta93

Posted: Sat Mar 25, 2017 22:05
So I'm sorry for being so ignorant, as I was stuck on this for a while, but I finally solved the issue while reading how OpenVPN works.

OpenVPN uses this table



[ 1, 2] [ 5, 6] [ 9, 10] [ 13, 14] [ 17, 18]
[ 21, 22] [ 25, 26] [ 29, 30] [ 33, 34] [ 37, 38]
[ 41, 42] [ 45, 46] [ 49, 50] [ 53, 54] [ 57, 58]
[ 61, 62] [ 65, 66] [ 69, 70] [ 73, 74] [ 77, 78]
[ 81, 82] [ 85, 86] [ 89, 90] [ 93, 94] [ 97, 98]
[101,102] [105,106] [109,110] [113,114] [117,118]


Meaning if my config on the OpenVPN server is ifconfig 192.168.90.1 192.168.90.2

then I needed to give my client an override like this: the client gets 192.168.90.5 and the gateway is 192.168.90.6



ifconfig-push 192.168.90.5 192.168.90.6
iroute 192.168.1.0 255.255.255.0


Felt so silly after one week

Now pfSense can ping DDWRT, so in the end it was not a DDWRT issue

Hope this helps someone else

and thank you again

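Added example, not part of the original posts: a Python check of the /30 pairing rule behind the table in the last post, which lists the last octets of each usable pair. The 192.168.90.0/24 tunnel network, the function names and the slot numbering are assumptions; the addresses and the `ifconfig-push` / `iroute` lines come from the post.

```python
import ipaddress

# Assumed tunnel network; the post only shows the server pair 192.168.90.1/.2.
TUNNEL = "192.168.90.0/24"
SERVER_PAIR = ("192.168.90.1", "192.168.90.2")  # from the server's ifconfig line

def net30_pairs(tunnel):
    """Yield the two usable hosts of every /30 block in the tunnel network."""
    for block in ipaddress.ip_network(tunnel).subnets(new_prefix=30):
        first, second = block.hosts()
        yield first, second

def check_push(local, peer, server_pair=SERVER_PAIR):
    """Return a list of problems with an 'ifconfig-push <local> <peer>' pair."""
    local, peer = ipaddress.ip_address(local), ipaddress.ip_address(peer)
    block = ipaddress.ip_network(f"{local}/30", strict=False)
    hosts = list(block.hosts())
    problems = []
    if peer not in block:
        problems.append(f"{local} and {peer} are not in the same /30")
    elif sorted([local, peer]) != hosts:
        # Network/broadcast address used, or both values identical.
        problems.append(f"use the two usable hosts of {block}: {hosts[0]} {hosts[1]}")
    if {local, peer} & {ipaddress.ip_address(a) for a in server_pair}:
        problems.append("pair overlaps the server's own tunnel endpoints")
    return problems

def ccd_entry(slot, remote_lan, tunnel=TUNNEL):
    """Build override lines for the slot-th /30 block (slot 0 is the server's)."""
    local, peer = list(net30_pairs(tunnel))[slot]
    lan = ipaddress.ip_network(remote_lan)
    return (f"ifconfig-push {local} {peer}\n"
            f"iroute {lan.network_address} {lan.netmask}")

if __name__ == "__main__":
    print(ccd_entry(1, "192.168.1.0/24"))
    for pair in [("192.168.90.5", "192.168.90.6"), ("192.168.90.2", "192.168.90.3")]:
        print(pair, check_push(*pair) or "ok")
```
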