OpenVPN: Route between 2 OpenVPN Servers on LAN

Tags: networking, openvpn, pfsense, routing, vpn

I have a strange scenario where I have 2 OpenVPN servers on my LAN (192.168.1.0/24) both over TUN. Server A (on 192.168.1.100) provides clients with addresses on the 172.16.0.0/24 subnet and Server B (192.168.1.1) provides clients with the 172.16.10/24 subnet.

Clients on the 2 OpenVPN Servers need to talk to each other. I've applied the following config to Server A:

push "route 172.16.1.0 255.255.255.0 192.168.1.1 1"

The resulting routing table entry for a client on Server A is:

172.16.1/24 192.168.1.1 UGSc 0 2 en0

On server B, I applied the config:

push "route 172.16.0.0 255.255.255.0 192.168.1.100 1"

On both servers, I made sure to allow access to both the LAN and the other OpenVPN server's network. However, attempting to ping 172.16.1.1 from a client connected to Server A results in "Network Unreachable." The same occurs with a client on Server B.

If it is of any additional use, Server B resides on pfSense. Server A is a virtualized OpenVPN Access Server.

Best Answer

Do a traceroute from a client in your first network to a client in your other network. You will then see how far the IP packet gets. That's where you have to investigate. Also you need to make sure pfSense (or any other firewall rules) don't drop ICMP packets (ping and traceroute) while testing.

Do the clients have default routes pointing to their respective next hops (Server A and Server B respectively)?
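Added example, not part of the question or the answer above: a small hop-by-hop forwarding model of the topology in the question, which does offline what the answer's traceroute would do on the wire, reporting the node at which a packet stops and why. The two server LAN addresses, the two tunnel subnets and the client routing entry (172.16.1.0/24 via 192.168.1.1 on en0) are taken from the question; the client tunnel addresses (.2 in each subnet), the client's own LAN 10.0.0.0/24, the interface names and the alternative client table that routes the other tunnel subnet via Server A's tunnel address are constructed assumptions for illustration. The model applies one general rule that is not stated on the page: a kernel can only use a gateway that lies on the subnet directly attached to the route's interface, otherwise the route is unusable and the sender sees "Network is unreachable".

```python
import ipaddress

# Constructed model of the question's topology (not the poster's setup).
# Server addresses and tunnel subnets are from the question; client
# addresses, interface names and the client LAN 10.0.0.0/24 are assumed.

def make_node(addrs, routes):
    """addrs: {iface: 'ip/prefixlen'}; routes: [(prefix, gateway_or_None, iface)]."""
    return {
        "addrs": {i: ipaddress.ip_interface(a) for i, a in addrs.items()},
        "routes": [(ipaddress.ip_network(p),
                    None if g is None else ipaddress.ip_address(g), i)
                   for p, g, i in routes],
    }

def lookup(node, dst):
    """Longest-prefix match over the node's routing table (None if no match)."""
    matches = [r for r in node["routes"] if dst in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen, default=None)

def next_hop(node, dst):
    """Return ('deliver', None), ('forward', next_ip) or ('error', reason)."""
    if any(dst == a.ip for a in node["addrs"].values()):
        return ("deliver", None)
    route = lookup(node, dst)
    if route is None:
        return ("error", "no route to host")
    _net, gw, iface = route
    if gw is None:                      # directly connected: hand to dst itself
        return ("forward", dst)
    # A gateway is usable only if it sits on the subnet attached to that
    # interface; otherwise the kernel reports "Network is unreachable".
    if gw not in node["addrs"][iface].network:
        return ("error", f"network unreachable (gateway {gw} not on {iface})")
    return ("forward", gw)

def trace(nodes, src, dst, max_hops=8):
    """Walk a packet from node `src` toward IP `dst`; returns (hops, status)."""
    owner = {a.ip: name for name, n in nodes.items() for a in n["addrs"].values()}
    dst = ipaddress.ip_address(dst)
    hops, cur = [src], src
    for _ in range(max_hops):
        action, nh = next_hop(nodes[cur], dst)
        if action == "deliver":
            return hops, "delivered"
        if action == "error":
            return hops, f"{cur}: {nh}"
        cur = owner.get(nh)
        if cur is None:
            return hops, f"next hop {nh} is not a known node"
        hops.append(cur)
    return hops, "hop limit exceeded"

def build(client_a_routes, server_b_knows_a=True):
    """Assemble the four nodes; server_b_knows_a=False drops Server B's return route."""
    server_b_routes = [("192.168.1.0/24", None, "em0"), ("172.16.1.0/24", None, "ovpns1")]
    if server_b_knows_a:
        server_b_routes.append(("172.16.0.0/24", "192.168.1.100", "em0"))
    return {
        "clientA": make_node({"en0": "10.0.0.5/24", "tun0": "172.16.0.2/24"}, client_a_routes),
        "serverA": make_node({"en0": "192.168.1.100/24", "tun0": "172.16.0.1/24"},
                             [("192.168.1.0/24", None, "en0"), ("172.16.0.0/24", None, "tun0"),
                              ("172.16.1.0/24", "192.168.1.1", "en0")]),
        "serverB": make_node({"em0": "192.168.1.1/24", "ovpns1": "172.16.1.1/24"}, server_b_routes),
        "clientB": make_node({"tun0": "172.16.1.2/24"},
                             [("172.16.1.0/24", None, "tun0"),
                              ("172.16.0.0/24", "172.16.1.1", "tun0")]),
    }

# Client table as shown in the question: the gateway is Server B's LAN address,
# but the client's en0 is (assumed) on 10.0.0.0/24, so that route cannot be used.
AS_PUSHED = [("10.0.0.0/24", None, "en0"), ("172.16.0.0/24", None, "tun0"),
             ("172.16.1.0/24", "192.168.1.1", "en0")]
# Assumed alternative: the same prefix routed through Server A's tunnel address.
VIA_TUNNEL = [("10.0.0.0/24", None, "en0"), ("172.16.0.0/24", None, "tun0"),
              ("172.16.1.0/24", "172.16.0.1", "tun0")]

if __name__ == "__main__":
    for label, routes in (("as pushed", AS_PUSHED), ("via tunnel", VIA_TUNNEL)):
        nodes = build(routes)
        print(label, "forward:", trace(nodes, "clientA", "172.16.1.2"))
        print(label, "return: ", trace(nodes, "clientB", "172.16.0.2"))
    # Missing return route on Server B: the packet gets as far as Server B.
    print("no return route:", trace(build(VIA_TUNNEL, server_b_knows_a=False),
                                    "clientB", "172.16.0.2"))
```

Running the three scenarios shows the failure at the first hop for the table as pushed (the client itself rejects the route), a four-hop delivery in both directions when the client's route points at the tunnel, and a stop at Server B when its return route is missing, which is the kind of partial path the answer tells the poster to look for in a traceroute.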