Posted: Thu Apr 12, 2012 15:38 Post subject: DD-WRT as OpenVPN client to pfSense - Site-to-Site help
I've been struggling for weeks now to set up OpenVPN on DD-WRT as a client to a pfSense box, which also acts as an OpenVPN server.
On the pfSense side all is well: OpenVPN is fully configured via the web interface, key auth etc. is set up properly, and it has been tested working with a Windows client.
On DD-WRT side (Asus WL-500GP hardware with mega build 14929) I enabled JFFS, and copied openvpn client config file+keys there. I created a startup script in /jffs/etc/config/vpn.ipup, which restarts the OpenVPN client every time WAN IP address changes or box boots, etc.
OpenVPN client starts up fine with this script, it connects properly to the server. I can ping from the router the server side, I can ping any machine behind the pfSense box, on that LAN fine.
However I can't ping from any machine in the DD-WRT's own LAN through the tunnel. I don't want NAT, I'd like to achieve this via routing.
Also I can't ping from the OpenVPN server machine any leg of the tunnel, thus I can't ping the DD-WRT box's LAN or TAP IP address at all.
172.22.222.0/24 is the LAN side of the pfSense (OpenVPN server) box.
192.168.77.0/24 is the LAN side of the DD-WRT (OpenVPN client) box.
172.22.227.0/24 is the tunnel network.
Any ideas, please, on what other manual route commands (besides what OpenVPN adds by itself) I should enter in DD-WRT (using the startup script) in order to achieve the following?
What I need:
- have the DD-WRT box act as an OpenVPN client
- the network behind DD-WRT has internet access through the local WAN, NATted as usual
- the network behind DD-WRT has access to the network behind pfSense through OpenVPN, routed
- the network behind pfSense has access to the network behind DD-WRT, also routed.