Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LAN, DNS server, hostname access for OpenVPN client

    Scheduled Pinned Locked Moved
    OpenVPN
    1
    1
    301
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lifespeed
      last edited by lifespeed

      I mistakenly posted this in the Routing and WAN forum, where it got no response. I don't know how to move it, so mods feel free to delete the redundant post.

      I connected a windows 10 OpenVPN client to my pfSense network using the following tunnel addresses:

      192.168.2.0/24
fd45::/64

      The pfSense LAN network addresses are:

      192.168.1.0/24
2601:xxxx:xxxx:3800::/64

      IPv6 is fully functional on this network including a server with GUA IPv6 accessible from WAN.

      From a remote OpenVPN client I can access web servers running on the host on the OpenVPN server LAN only by LAN IPv4 address, not host name or IPv6. I can't ping the windows host by IPv4 or IPv6 nor by hostname despite pushing routes in the OpenVPN advanced configuration. It almost seems as though the client isn't using pfSense as the DNS server, which is running DNS resolver. Is a route available between VPN and LAN subnets, as I can access hosts on the pfSense LAN by IPv4 address? Why not IPv6 or hostname? Does it matter I put fd45::/64 in the IPv6 tunnel network, what should I put there?

      Here are some of the OpenVPN server settings:
      openvpn tunnel settings.png
      openvpn advanced client.PNG
      openvpn advanced config.png

      Here is a windows 10 host on the LAN that I can access it's web servers:

      Windows IP Configuration

   Host Name . . . . . . . . . . . . : media-server-pc
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : mypublicdomain.com

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : mypublicdomain.com
   Description . . . . . . . . . . . : Mellanox ConnectX-3 Ethernet Adapter
   Physical Address. . . . . . . . . : EC-0D-9A-2C-14-70
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:xxxx:xxxx:3800:f749:b327:f336:3572(Preferred)
   IPv6 Address. . . . . . . . . . . : fd38:xxxx:xxxx:1:367c:dfef:fcbc:5eeb(Preferred)
   Link-local IPv6 Address . . . . . : fe80::a0e7:5877:e5e8:4035%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.50(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, December 21, 2023 4:05:15 PM
   Lease Expires . . . . . . . . . . : Monday, January 1, 2024 6:38:52 PM
   Default Gateway . . . . . . . . . : fe80::225:90ff:febb:bf0c%4
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 552340890
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-19-13-C7-40-8D-5C-B6-47-55
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       2601:xxxx:xxxx:3800:225:90ff:febb:bf0c
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       mypublicdomain.com

      Here is the Windows 10 OpenVPN client ipconfig:

      Windows IP Configuration

   Host Name . . . . . . . . . . . . : oo-reg01-lt
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Unknown adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect
   Physical Address. . . . . . . . . : 00-FF-82-8B-3D-A8
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:xxxx:xxxx:3800::1000(Preferred)
   Link-local IPv6 Address . . . . . : fe80::567c:53a3:83c7:7d99%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 687931266
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-F3-39-C1-B4-A9-FC-EF-76-C2
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

      I notice the VPN client ipconfig doesn't say it is on mypublicdomain.com, is that a problem? Where have I gone wrong in connecting the VPN client to the OpenVPN LAN?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post