The Disclaimer:
I'm not a networking professional, I'm doing networking at my company on the side because I'm the only one with an IT background (level of expertise: "knowing enough to be dangerous").
I'd really appreciate any help narrowing down the following problem so I can maybe ask more specific questions in a related vendor/community subreddit like /r/openwrt/, /r/OpenVPN/ or /r/PFSENSE/.
The requirement:
- My company wants to connect some IP Cameras in our warehouse (lager) to the dvr in the main office.
- Here is a network diagram: http://stable.ascii-flow.appspot.com/#Draw7758801818203273020
- The way the dvr works requires it to connect from site 1 (static ip) to lte-router (dyn. ip) (or more specifically the connected cameras) at site 2.
The problem:
- The connection only works from site 2 to site 1 and not the other way around
- Pinging from the lte-router to the dvr (10.0.1.10) works perfectly fine.
- Pinging from the dvr to the lte-router openvpn ip (10.0.253.2) works.
- Pinging from the dvr to the lte-router's lan ip (10.22.1.1) doesn't work. Sadly that's what I need.
What I checked:
- OpenVPN config on lte-router: https://pastebin.com/HwEfVGQK
- OpenVPN config on server: https://imgur.com/5rQzZvE
- OpenVPN on pfSense recognizes the connection as (server-client) but it is configured as peer-to-peer. Compare this https://imgur.com/a/wFicW6V with [2].
- Routes: https://pastebin.com/raw/T6fMB080
- packet capture of the ping from the dvr on the vpn interface of the pfsense shows:
- capturing the ping from the lte-router on the vpn interface of the pfsense shows:
- IP 10.0.253.2 > 10.0.1.10: ICMP echo request
- IP 10.0.1.10 > 10.0.253.2: ICMP echo reply
I already wasted two days on this and I'm all out of ideas. Is there something obvious I'm missing?
Any help would be greatly appreciated!