Is it possible to use the VPN on the same LAN network as the OpenVPN server?
-
Hi! I have an OpenVPN server configured to connect remotely to a server and it works correctly, but I frequently have to go to the site where the server is located, and to work with the server there I do it through the LAN. The problem is that if I forget to disconnect my computer from the VPN, when connected to the LAN, there is a conflict that prevents me from connecting to the server, and I have the feeling that the speed of the Internet connection drops.
This is easily solved by disconnecting the VPN from my computer, but I would like to know if there is an option so that it is not necessary to disconnect the VPN to connect to the server, in other words, that the VPN functions on the same network as the OpenVPN server. Thank you!
-
@ErickJ
Connecting to the OpenVPN server from inside the LAN makes no sense at all anyway. So I would block access to the server from LAN. Then your client is not able to reconnect and LAN access should work normally. This means: add a reject rule to the LAN interface for the proper protocol you use for OpenVPN, with destination "This firewall" and the OpenVPN server port.
-
Thank you! Yes, of course I know it doesn't make any sense, but I find it somewhat annoying to forget to disconnect the VPN and have those problems.
-
@viragomann said in Is it possible to use the VPN on the same LAN network as the OpenVPN server?:
@ErickJ
Connecting to the OpenVPN server from inside the LAN makes no sense at all anyway. So I would block access to the server from LAN. Then your client is not able to reconnect and LAN access should work normally. This means: add a reject rule to the LAN interface for the proper protocol you use for OpenVPN, with destination "This firewall" and the OpenVPN server port.
Are you sure about this?
Tried that a while back and it didn't disconnect the VPN, which caused all traffic to drop. It would work if you tried to establish a connection from the LAN, but in a case where you were already connected on mobile, then it switched to wifi, it didn't work.
Maybe I missed a setting somewhere?
-
@Jarhead
No, didn't try it to be honest.
I was expecting that, since pfSense has no state for the VPN on the LAN, the connection would be dropped and the client needs to reconnect. But you say it isn't?
-
@viragomann I actually just tried it again a little while ago, didn't work.
It does work in the form of rejecting the traffic, i.e. the rule works, but the problem is since the VPN was already connected, i.e. on mobile with no wifi connected, the routes were already in place to use the VPN. Then when it connects to the wifi, I'm guessing those routes don't get flushed, but the VPN does get rejected, which kills all traffic from the phone.
I wonder if there's a "flush routes on reconnect" option in OpenVPN??
Gonna Google now.
-
@viragomann said in Is it possible to use the VPN on the same LAN network as the OpenVPN server?:
Connecting to the OpenVPN server from inside the LAN makes no sense at all anyway.
But it does work, at least here it does. However, that would depend on how you configure the server and what interfaces it listens to. Since I wanted to be able to connect via both IPv4 and IPv6, I had to choose the multihome connection.