Our company has two sites, located 100 miles apart. I have separated these two sites by using 2 separate subnets, a Server 2012r2 Domain Controller at each site, a pfSense at each site, and each site has its own Internet access. The two sites are physically connected by a dedicated fiber bridge from Charter. There are no IPs on the Charter connections or equipment. Attached is a drawing of the layout I am using. Everything works from site A to Site B, I can ping from workstations in site A and it will resolve the IP from Site B, but I cannot get Site B DNS to resolve any IP from Site A. Site B does resolve IP addresses from its own subnet. At each site I have a static route. I am also having issues with Server 2012r2 DNS replicating between the domain controllers at each site. Has anyone else seen this type of issue?
Hi,
Have you done a traceroute to check where exactly it’s getting stuck?
Thank you for responding. I had run traceroute from both sides, but it was only showing the end-point as LAN. I have since figured out the issue. The issue was that I had configured the IPSEC route first. This gave the IPSEC precedence over the other route that I created. I had disabled the connection on the site A end, thinking that would naturally force traffic to the other path. However, the route was still being used by site B, even though their was not a destination. Traffic from A to B was working great over the fiber bridge connection, but return traffic kept wanting to go out the IPSEC port. After disabling IPSEC on both ends, all systems became fully functional over the fiber bridge. I now have the fiber bridge working properly as well as an OpenVPN failover connection. Thanks again for responding.