Hi all,
I have an L2TP VPN (for mobile clients) and a site-to-site VPN with another site. Basically, I have the following setup:
- Site A (running VyOS): internal interface (eth1) 172.18.4.0/24
- Site B (running pfSense): internal interface 172.18.5.0/24
I'm trying to get access to the remote private network on site B (172.18.5.0/24) while I'm on the L2TP VPN on site A, but unfortunately I can't (after hours of trying).
Here is my L2TP config (x for anonymised data):
remote-access {
    authentication {
        mode radius
        radius-server 172.18.4.4 {
            key xxxx
        }
        require pap
    }
    client-ip-pool {
        start 172.18.10.11
        stop 172.18.10.99
    }
    dns-servers {
        server-1 172.18.4.4
    }
    ipsec-settings {
        authentication {
            mode pre-shared-secret
            pre-shared-secret xxx
        }
    }
    outside-address WAN_ADDR
}
Here is my site-to-site config:
authentication {
    mode pre-shared-secret
    pre-shared-secret xxxx
}
connection-type initiate
default-esp-group standard-ESP-group
ike-group standard-IKE-group
ikev2-reauth inherit
local-address WAN_ADDR
tunnel 1 {
    allow-nat-networks disable
    allow-public-networks disable
    local {
        prefix 172.18.4.0/24
    }
    remote {
        prefix 172.18.5.0/24
    }
}
Here is my source NAT config:
rule 10 {
    destination {
        address 172.18.0.0/16
    }
    exclude
    outbound-interface any
}
rule 47 {
    description VPN
    outbound-interface eth0
    source {
        address 172.18.10.0/24
    }
    translation {
        address WAN_ADDR
    }
}
While on the VPN, it is impossible to ping a remote host on site B (whereas it works from the VyOS itself):
[code]
root@vyos# ping 172.18.5.2
PING 172.18.5.2 (172.18.5.2) 56(84) bytes of data.
64 bytes from 172.18.5.2: icmp_req=1 ttl=63 time=9.26 ms
64 bytes from 172.18.5.2: icmp_req=2 ttl=63 time=11.2 ms
64 bytes from 172.18.5.2: icmp_req=3 ttl=63 time=10.9 ms

root@l2tpclient# ping 172.18.5.2
PING 172.18.5.2 (172.18.5.2): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
[/code]
Can someone help me? Many thanks.
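Added example, not part of the original post: a small Python script that models the IPsec traffic selectors from the site-to-site config above and checks which source addresses they cover. The only selector posted is tunnel 1 with local prefix 172.18.4.0/24 and remote prefix 172.18.5.0/24, so a packet from an L2TP client (172.18.10.11 to 172.18.10.99) to 172.18.5.2 matches no selector and never enters the tunnel; this is consistent with the ping succeeding from the VyOS itself (source in 172.18.4.0/24) and failing from the client. The `tunnel 2` entry with local prefix 172.18.10.0/24 is an assumption added here to show the fix; it is not in the post, and the pfSense side would need the mirror-image phase 2 entry for it to negotiate.

```python
"""Check whether source/destination pairs fall inside IPsec traffic selectors.

Models the VyOS 'tunnel N { local { prefix } remote { prefix } }' stanzas
from the post as (local, remote) network pairs and tests packets against them.
"""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Tunnel:
    name: str
    local: ipaddress.IPv4Network   # the tunnel's 'local prefix'
    remote: ipaddress.IPv4Network  # the tunnel's 'remote prefix'


def net(prefix: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(prefix)


# Selectors exactly as posted: tunnel 1 only covers 172.18.4.0/24 <-> 172.18.5.0/24.
POSTED_TUNNELS: Tuple[Tunnel, ...] = (
    Tunnel("tunnel 1", net("172.18.4.0/24"), net("172.18.5.0/24")),
)

# The L2TP client-ip-pool from the posted remote-access config.
L2TP_POOL_START = ipaddress.ip_address("172.18.10.11")
L2TP_POOL_STOP = ipaddress.ip_address("172.18.10.99")

# Hypothetical fix (assumption, not from the post): a second tunnel whose
# local prefix is the L2TP pool network. pfSense needs the matching phase 2.
FIXED_TUNNELS: Tuple[Tunnel, ...] = POSTED_TUNNELS + (
    Tunnel("tunnel 2", net("172.18.10.0/24"), net("172.18.5.0/24")),
)


def matching_tunnel(tunnels: Iterable[Tunnel], src: str, dst: str) -> Optional[str]:
    """Name of the first tunnel whose selectors cover src -> dst, else None.

    None means the packet is not protected by any SA: it leaves unencrypted
    via the normal routing table (or is dropped), which is what the failing
    ping from the L2TP client looks like.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for t in tunnels:
        if s in t.local and d in t.remote:
            return t.name
    return None


def uncovered_pool_sources(tunnels: Iterable[Tunnel],
                           start: ipaddress.IPv4Address,
                           stop: ipaddress.IPv4Address,
                           dst: str) -> List[str]:
    """Every address in the pool start..stop whose traffic to dst matches no tunnel."""
    tunnels = tuple(tunnels)
    uncovered = []
    for raw in range(int(start), int(stop) + 1):
        addr = str(ipaddress.ip_address(raw))
        if matching_tunnel(tunnels, addr, dst) is None:
            uncovered.append(addr)
    return uncovered


if __name__ == "__main__":
    target = "172.18.5.2"  # the site B host pinged in the post
    print("VyOS itself (172.18.4.1) ->", target, ":", matching_tunnel(POSTED_TUNNELS, "172.18.4.1", target))
    print("L2TP client (172.18.10.11) ->", target, ":", matching_tunnel(POSTED_TUNNELS, "172.18.10.11", target))
    missing = uncovered_pool_sources(POSTED_TUNNELS, L2TP_POOL_START, L2TP_POOL_STOP, target)
    print(f"posted config: {len(missing)} pool addresses uncovered, e.g. {missing[:3]}")
    missing = uncovered_pool_sources(FIXED_TUNNELS, L2TP_POOL_START, L2TP_POOL_STOP, target)
    print(f"with tunnel 2: {len(missing)} pool addresses uncovered")
```

Two practical notes. First, the posted SNAT rule 10 excludes any destination in 172.18.0.0/16 from translation, so L2TP clients reach the IPsec policy with their 172.18.10.x address intact; the alternative to a second selector is to SNAT the pool to an address inside 172.18.4.0/24 before it hits IPsec, which would require narrowing that exclude rule. Second, whichever approach is chosen, the pfSense phase 2 entries must list the same local/remote networks, or the SA for the new selector will never come up.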