
[SOLVED] Help needed with site-to-site openVPN with pfsense (server) and Asus-rmerlin (client)


cyf

New Around Here
UPDATE (Solved): Turns out I had to add iroutes on the pfsense site using Client Specific Overrides. Not very intuitive, because I had to add the exact same subnet and subnet mask information I already put into the server configuration for the local, tunnel, and client subnets.

Here's the relevant part:

iroutes
In order for the server to reach the client networks behind each connection, both a route to the network (IPv4 Remote Networks entry), which tells the system that OpenVPN knows about that network, and an iroute, which tells OpenVPN to which specific connection a subnet belongs, are required.

To add an iroute, visit VPN > OpenVPN on the Client Specific Overrides tab.

Add an entry for each client, and on each one:

  • Set the Common Name field to the name of the certificate for the site
  • On pfSense 2.2, use the IPv4 Remote Network/s here on the Client Specific Override to add iroute networks.
  • On older versions of pfSense, in the custom options/advanced box, add an iroute statement for the client network:
    • iroute a.a.a.a b.b.b.b;
      • a.a.a.a is the subnet's starting IP, b.b.b.b is the subnet mask.

See link here: https://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_PKI_(SSL)#iroutes

You guys knew if you let me beat my head on the wall enough I'd figure it out, right? Right?

-----------------------------------------------

Actually, moved the question to the VPN thread, although I hope people who have more experience with the ASUS RT-AC66 would be able to help:

https://www.snbforums.com/threads/h...erver-and-rt-ac66w-asus-rmerlin-client.43958/


Getting stuck and not sure what I need to do. I think it may be a simple thing on my Asus but I can't seem to find anything online.

I set up a peer-to-peer (site-to-site) openVPN server on my pfsense (v2.4) and copied all the values on it to the VPN client on the Asus running Asuswrt-Merlin firmware (v380):

pfsense side (office)

LAN: 10.69.0.0/24

Asus side (home office)

LAN: 192.168.0.0/24

IPv4 Tunnel Network
10.0.9.0/24 (pfsense is 10.0.9.1, Asus is 10.0.9.2)

Currently the VPN is up, I can ping, ssh, http/s, etc. from a machine connected to my Asus router (e.g., home_client=192.168.0.101) to a machine on my remote pfsense (e.g., office_client=10.69.0.11).

However, I can't go back the other way, except the office_client can ping 10.0.9.2, but nothing else beyond that.

What am I missing? I have the "Create NAT on tunnel" turned on, but it says "Router must be configured manually" so maybe I'm missing this step?

Thanks.
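The route/iroute pairing described in the update is easy to get half-right, so here is an added example (not the poster's or pfSense's own code) that checks a server config against its client-specific overrides: every `route` the server declares must have a matching `iroute` in some client's ccd entry, and every `iroute` must have a matching `route`. The server config text, the ccd contents and the common name `home-office` are constructed from the subnets in this thread, not taken from the poster's setup.

```python
import ipaddress
import re

# Constructed sample modelled on the thread: the pfSense server declares the
# tunnel network and a kernel route for the Asus LAN (IPv4 Remote Networks).
SERVER_CONF = """\
server 10.0.9.0 255.255.255.0
route 192.168.0.0 255.255.255.0
"""

# Common name -> contents of that client's ccd (Client Specific Override) file.
# 'home-office' is a placeholder common name, not one from the thread.
CCD_FILES = {
    "home-office": "iroute 192.168.0.0 255.255.255.0\n",
}

# Matches uncommented 'route' or 'iroute' directives: "<dir> <network> <netmask>".
_DIRECTIVE = re.compile(r"^[ \t]*(route|iroute)[ \t]+(\S+)[ \t]+(\S+)", re.MULTILINE)


def parse_networks(text, directive):
    """Return the set of networks declared with `directive` in an OpenVPN config."""
    nets = set()
    for match in _DIRECTIVE.finditer(text):
        if match.group(1) == directive:
            # ipaddress accepts "network/netmask"; strict=False tolerates host bits.
            nets.add(ipaddress.ip_network(f"{match.group(2)}/{match.group(3)}", strict=False))
    return nets


def check_iroutes(server_conf, ccd_files):
    """Pair every server 'route' with an 'iroute' in some ccd file.

    Returns (missing_iroute, orphan_iroute) as sorted lists of CIDR strings:
    routes the kernel hands to OpenVPN that no client claims (return traffic
    is dropped, the symptom in this thread), and iroutes with no kernel route
    (the packets never reach OpenVPN at all).
    """
    routes = parse_networks(server_conf, "route")
    iroutes = {}
    for common_name, text in ccd_files.items():
        for net in parse_networks(text, "iroute"):
            iroutes[net] = common_name
    missing = sorted(str(n) for n in routes if n not in iroutes)
    orphan = sorted(str(n) for n in iroutes if n not in routes)
    return missing, orphan


if __name__ == "__main__":
    missing, orphan = check_iroutes(SERVER_CONF, CCD_FILES)
    print("routes without iroute:", missing or "none")
    print("iroutes without route:", orphan or "none")
```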
