
Site-to-site to pfsense

Discussion in 'Tomato Firmware' started by mcamino, Mar 6, 2010.

  1. mcamino

    mcamino LI Guru Member

    Hello. I am trying to get a working site-to-site VPN setup and I am running into some problems getting it to work. Let me start off by saying I have googled and searched the forums and I do not see an answer to my problem. I did find two very good articles which have helped me get as far as I have gotten.


    So this is my setup ----> (pfSense) 74.109.X.Y (static IP) ---> internet ----> dynamic IP (WRT54G running Tomato firmware with OpenVPN installed) ----->

    My goal is for any client on both subnets to see each other.

    I have attached screenshots to show my current config.

    The tunnel seems to be coming up, as I get no errors on either end of the connection. But I cannot ping across it or ping any of the gateways ( or I assume I am missing a firewall or routing statement, but I am not sure where or what to put.

    Can anyone provide some help and guidance on what I am missing to make this work?


  2. woodmouze

    woodmouze LI Guru Member

    Does it work now?

    Hi, have you been able to make it work?
    Or did you give up on this...

    I am having the same setup... and when using OpenVPN on a Windows server (behind pfSense) it works fine (that is, if I also enable the internet gateway on Tomato, which makes all traffic pass pfSense, which I don't like of course).

    But maybe you have already figured it out by now (or had some better luck searching), as I too am googling and browsing forums all around to make this work.

    Kind regards,
  3. mcamino

    mcamino LI Guru Member

    Actually I did figure it out. The issue was I had to add a firewall statement to allow port 1195 through the firewall on pfSense. Once I did that, the OpenVPN tunnel formed properly and everything started to work. I also upgraded the TomatoVPN version and did a full erase. I am not sure if that was a required step, but it began to work after both those items. One thing to keep in mind is the pfSense box cannot reuse the same ports for multiple VPNs. So if you have 3 devices you will need to set up ports 1195, 1196, 1197 and run each OpenVPN instance under its own port. That wasn't a big deal for me, but it was something I learned working on this issue that I thought I would pass along as well.
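
Added example, not part of the thread or of either project: a small audit that reads a set of OpenVPN instance configs, flags instances sharing a listen port, and returns the protocol/port pairs the firewall must allow. The file names and config contents are constructed; only the standard OpenVPN `port`, `lport` and `proto` directives are assumed.

```python
import re
from collections import defaultdict

# Constructed sample configs (not from the thread): three site-to-site
# instances, one of which was accidentally left on an already-used port.
SAMPLE_CONFIGS = {
    "site-a.conf": "dev tun0\nproto udp\nport 1195\n",
    "site-b.conf": "dev tun1\nproto udp\nport 1196\n",
    "site-c.conf": "dev tun2\nproto udp\nport 1195  # copy-paste leftover\n",
}

DEFAULT_PORT, DEFAULT_PROTO = 1194, "udp"  # OpenVPN defaults when unset


def listen_endpoint(config_text):
    """Return the (proto, port) an OpenVPN instance binds, per its config."""
    port, proto = DEFAULT_PORT, DEFAULT_PROTO
    for raw in config_text.splitlines():
        # Drop '#' and ';' comments, then split the directive into words.
        words = re.split(r"[#;]", raw, maxsplit=1)[0].split()
        if len(words) >= 2 and words[0] in ("port", "lport"):
            port = int(words[1])
        elif len(words) >= 2 and words[0] == "proto":
            # Simplification: udp4, tcp-server, tcp6-client etc. are
            # collapsed to plain udp/tcp when comparing ports.
            proto = "tcp" if words[1].startswith("tcp") else "udp"
    return proto, port


def audit(configs):
    """Return (collisions, allow_list) for a {name: config_text} mapping."""
    by_endpoint = defaultdict(list)
    for name, text in configs.items():
        by_endpoint[listen_endpoint(text)].append(name)
    collisions = {ep: sorted(names)
                  for ep, names in by_endpoint.items() if len(names) > 1}
    # Every distinct endpoint needs its own inbound allow rule on the WAN side.
    return collisions, sorted(by_endpoint)


if __name__ == "__main__":
    clashes, allow = audit(SAMPLE_CONFIGS)
    for (proto, port), names in clashes.items():
        print(f"CONFLICT {proto}/{port}: {', '.join(names)}")
    for proto, port in allow:
        print(f"allow inbound {proto}/{port}")
```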
