acces toremote n2n ipsec over openvpn client

Hello IPFire Forum!

I am very new here in the forum and hoofe that topic does not exist yet.
If I should be too stupid to find it please help me - Thanks :slight_smile:

I have the following problem:

I have 2 sites which are connected via IPSEC N2N.

At location 1 an OPENVPN server is running.
If I am connected to the OPENVPN at location 1, I have no access to the network of location 2.

I have set everything in the firewall rules so that it should fit - but it does not work.

Where do I have a thinking error?

Or do I have to set the rules manually in the IPtables?
If so, what has to be done there?

Do you need more information?

Thanks a lot for your help :slight_smile:

Translated with www.DeepL.com/Translator (free version)

Hi Hugo,

what’s ‘toremote’ or ‘hoofe’?

In my opinion you haven’t really given much information at all. So you (your client) are at location 2 and whenever you connect to location 1 you can’t connect to any network members at location 2 anymore? If that’s the case your catchword is default route. You have set a default route to location 1 so all traffic goes there.

Where can we see that?

Cheers Terry

Hi Terry,
Sorry for my Answer.

“hoofe” - I mean “hope”

I think - sry, i know, the routes are set.
In the roadworrior (OPENVPN)

and here the routes in the OPENVPN-Client:

“TGLtoACB” route in the advanced options

Maybe the IPtables are not set?
Is there an option to set it?

PS:
I used the deepl because my English isn´t good :wink:

And Thanks for your help!

Is this a user defined or automatically created network group? There is a bug with firewall groups -> setting up user defined network groups and iptables you can see at every bootup with a connected display so you can watch the progress.

Hello Terry,
and sorry for the late reply.

I´ve Used the Firewall-Roules in the IPFire.
I´ve set the Roule from OPENvpn to IPsec “accespt all”.
But it did not Work.

Is this what you mean?

Or i´ve to create a group?

I don’t know if this can work?
To clarify.
You computer “A” is connecting to Site “B” with OPENvpn.
Site “B” is connected to Site “C” with IPSEC n2n.
You want to communicate with Site “C” threw both tunnels.

Hello,
I have the following scenario:
I have two ipfires connected over IPsec.
I am a roadwarrior (connected to site A) and want to access the network from Ipfire site B. The two IPfire are connected via IPsec. OPENvpn is for clients only.
I hope I explained it well?
Friendly greetings