[SOLVED] OpenVPN Clients can connect to LAN, but not shared files
-
I have been pulling my hair out trying to get this issue resolved and tried everything I have been able to find online (including in these forums) to no avail. Any suggestions would be appreciated.
Quick Summary:
- We have a Windows Server 2012 R2 Domain with all clients running W10 Pro.
- Used to use a Netgear router VPN but have since outgrown that - moved to pfSense a few days ago
- Staff need to access network resources remotely while on the VPN, including intranet sites and local devices (IIS, file server management interface, etc).
- We have a Synology NAS file server, along with three other servers for printing and various applications.
The problem:
- Certs are set up, and OpenVPN was configured with the Wizard - very simple setup.
- Clients can login and connect with no issues
- Internal devices can be accessed but only through a browser - I can connect to a printer's management site by going to its IP and it comes up instantly.
- File Sharing appears to be blocked - I cannot directly connect to any shared drives or folders, even having tried three different systems on the network.
- The Gateway always appears blank when I run ipconfig, no matter what I do
What I've tried so far, with no success:
- I completely disabled the Windows Firewall on a VPN Client and on one system in the network to see if that was the cause - it made no difference.
- I added the 10.0.0.0 - 10.0.0.9 scope to File and Printer Sharing (SMB) inbound rules on a network workstation
- Added push "route 192.168.1.0 255.255.255.0" to the config file
- Specified IP, Subnet Mask & Gateway in the TAP Ethernet adapter's settings (Gateway still appears blank)
Current settings:
- OpenVPN is running (tun device) on tunnel network 10.0.0.0/24
- OpenVPN set to port 1194
- Current max of 5 clients set
- IPv4 Local network is set to 192.168.1.0/24 (the LAN)
- pfSense box is the network gateway, sitting at 192.168.1.1
- pfSense firewall set to * source, * destination, listening on port 1194
- Default WAN gateway is set to 'dynamic' - unchanged from how it set up automatically. OpenVPN server is set to reference this default setting.
At this point, it feels like it's 95% of the way there - users can authenticate, connect, and access devices through web ports. They just can't access file shares which is a big deal as it makes the VPN useless for almost everything they need to do.
Thanks in advance.
-
For anyone who has this problem in the future, I did a facepalm when I realized it was DNS.
We have a local DNS server which the default adapters are set to through DHCP. However, it had to be configured on the OpenVPN server as well. I had done it the first time, but deleted my entire OpenVPN setup as it wasn't working at all - redid it from scratch and forgot to tick the box for specifying a DNS server.
I went back and did that, reconnected, and it all works. My eureka moment was trying the file server by its direct IP instead of UNC - it worked flawlessly.
I feel like an idiot for not realizing this sooner but hopefully someone who has the same brain fart as me can benefit from my post. I hate DNS….
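The test that settled this thread (the share works by IP but not by name), written as a small triage script. This is an added example, not part of the original posts; the host name `fileserver` and address `192.168.1.50` are constructed sample values inside the LAN range given above.

```python
import socket

SMB_PORT = 445  # TCP port used by Windows file sharing (SMB)

def resolve(name):
    """IPv4 addresses the client's current DNS settings return for name."""
    try:
        infos = socket.getaddrinfo(name, SMB_PORT, socket.AF_INET, socket.SOCK_STREAM)
    except (socket.gaierror, UnicodeError):
        return []
    return sorted({info[4][0] for info in infos})

def port_open(ip, port=SMB_PORT, timeout=3.0):
    """True if a TCP handshake with ip:port completes (route and firewall allow it)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def triage(name, known_ip, resolver=resolve, probe=port_open):
    """Classify a failing \\\\name\\share, given the server's known LAN address."""
    addrs = resolver(name)
    reachable = probe(known_ip)
    if not addrs:
        # The thread's case: SMB answers on the IP, but the client cannot resolve the name.
        return "DNS" if reachable else "DNS_AND_PATH"
    if known_ip not in addrs:
        # The name resolved, but to a different address than the LAN server's.
        return "DNS_MISMATCH"
    return "OK" if reachable else "PATH"

ADVICE = {
    "DNS": "name lookup fails but SMB by IP works: set the LAN DNS server on the OpenVPN server",
    "DNS_AND_PATH": "no name resolution and no TCP 445 by IP: fix routing/firewall first, then DNS",
    "DNS_MISMATCH": "name resolves to a different address: the client is not using the LAN DNS server",
    "PATH": "name resolves correctly but TCP 445 is unreachable: check routes and firewall rules",
    "OK": "name resolves and TCP 445 answers: look at credentials or share permissions",
}

if __name__ == "__main__":
    # Constructed sample values; replace with a real server name and its LAN IP.
    verdict = triage("fileserver", "192.168.1.50")
    print(verdict, "-", ADVICE[verdict])
```

Run it on a connected VPN client; a `DNS` verdict matches the symptom described in this thread.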