We've set up OpenVPN using pfSense 2.0.2.
Local subnet is 192.168.1.0/24, VPN clients are 10.0.1.0/24
We also have another subnet 192.168.0.0/24 which is connected through pfSense IPSec as a Site-To-Site VPN.
OpenVPN clients are able to ping hosts on 192.168.1.0/24 subnet without any problems, but are unable to ping hosts on 192.168.0.0/24.
pfSense itself is able to ping 192.168.0.0/24 clients from "Diagnostics > Ping" menu, but unable to do so from shell.
We need to enable OpenVPN clients to access hosts on the 192.168.0.0/24 subnet.
Adding routes manually on OpenVPN clients doesn't help. We already tried:
route add 192.168.0.0 mask 255.255.255.0 192.168.1.254
route add 192.168.0.0 mask 255.255.255.0 192.168.0.254
route add 192.168.0.0 mask 255.255.255.0 10.0.1.1
UPD: Still unresolved issue with traffic from 192.168.0.0 to 10.0.1.0… Although hosts from 10.0.1.0 are able to access hosts on 192.168.0.0 thanks to @chris-buechler's answer.
Best Answer
You need two things. One, a push route on the OpenVPN server to send the clients a route:
push "route 192.168.0.0 255.255.255.0"
Then a second phase 2 with the local being 10.1.0.0/24 and remote 192.168.0.0/24, and vice versa on the remote end.
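Why the second phase 2 has to exist on both ends, as an added example that is not part of the original post or of pfSense: a small Python model of policy-based IPsec, where a packet enters the tunnel only if its source and destination match a phase 2 (local, remote) pair. It uses the subnets given in the question (VPN clients on 10.0.1.0/24); the host addresses and function names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Subnets from the question; phase 2 lists and hosts below are constructed.
LAN = ip_network("192.168.1.0/24")     # local pfSense LAN
REMOTE = ip_network("192.168.0.0/24")  # site reached over IPsec
OVPN = ip_network("10.0.1.0/24")       # OpenVPN client pool

BEFORE = [(LAN, REMOTE)]                 # original single phase 2
AFTER = [(LAN, REMOTE), (OVPN, REMOTE)]  # with the second phase 2 added


def mirror(selectors):
    """Phase 2 list as the other end must define it (local/remote swapped)."""
    return [(remote, local) for local, remote in selectors]


def matches(selectors, src, dst):
    """Return the (local, remote) pair covering an outbound packet, or None."""
    src, dst = ip_address(src), ip_address(dst)
    for local, remote in selectors:
        if src in local and dst in remote:
            return (local, remote)
    return None  # no selector: the packet never enters the tunnel


def round_trip(near, far, src, dst):
    """True only if the request matches on the near end and the reply on the far end."""
    return matches(near, src, dst) is not None and matches(far, dst, src) is not None


def report():
    client, lan_host, remote_host = "10.0.1.6", "192.168.1.20", "192.168.0.10"
    return {
        "lan_host, original config": round_trip(BEFORE, mirror(BEFORE), lan_host, remote_host),
        "vpn client, original config": round_trip(BEFORE, mirror(BEFORE), client, remote_host),
        "vpn client, phase 2 added locally only": round_trip(AFTER, mirror(BEFORE), client, remote_host),
        "vpn client, phase 2 added on both ends": round_trip(AFTER, mirror(AFTER), client, remote_host),
    }


if __name__ == "__main__":
    for case, ok in report().items():
        print(f"{case}: {'reachable' if ok else 'no matching phase 2'}")
```

The model covers only the IPsec selectors; the pushed route is still needed so the OpenVPN client sends 192.168.0.0/24 traffic into its tunnel in the first place.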