OpenVPN Layer3 site-to-site

  • Hi all,

    I'm having some issues configuring a site-to-site VPN using OpenVPN and their guide for that.

    Everything works from the client subnet - I can access the server subnet without issues. However, I can only access the client OpenVPN and FW IPs from the server subnet. Can't ping any other client subnet devices. Installed Wireshark on one of them and it shows ICMP requests coming and replies leaving.

    So basically that's how things are logically connected:

    openvpn server subnet device - fw1 - openvpn server - WAN (tunnel) - openvpn client - fw2 - openvpn client subnet device

    Maybe I'm slow because it's Monday, but can't figure this out...

    What iptables rules do I need to have on the OpenVPN client? Does anyone have the same/similar setup using OpenVPN?


  • If OpenVPN connects, you are past the firewall stage.

  • The main firewall config and port forwarding work fine. The issue is with the OpenVPN server (or client) and its iptables not handling the traffic properly.
