Netgate Discussion Forum
    Two routers, one for DHCP and one for OpenVPN Server

    • rfx88

      Hi!

      I have this setup at my home network:

      I want my OpenVPN clients to be part of my home network. I want to be able to access them.

      AC3200 is acting as my main gateway, and I want to use it as DHCP server for local and VPN clients.

      I've set up an OpenVPN server (type: TAP) on pfSense, but I'm not sure about the config and I'm not sure that NAT is set up correctly.

      • Bridge DHCP:
        True: Allow clients on the bridge to obtain DHCP.

      • Bridge Interface:
        WAN

      • Redirect Gateway:
        True: Force all client generated traffic through the tunnel.

      • Inter-client communication:
        True: Allow communication between clients connected to this server

      • Custom options:
        push "redirect-gateway def1";push "route x.x.x.0 255.255.255.0"; push "route-gateway x.x.x.1"

      Every time I try to connect, I get an error: Warning: route gateway is not reachable on any active network adapters: x.x.x.x

      Ports are opened so that should not be a problem. I expect that it's NAT that is the issue but I'm no expert…

      I appreciate your help!

      • JKnott

        AC3200 is acting as my main gateway, and I want to use it as DHCP server for local and VPN clients.

        VPN clients are generally assigned an address by OpenVPN.  Also, DHCP initially uses broadcasts, which are not normally routed.  This means when a VPN client issues a DHCP discover, it will not be passed to the DHCP server.  If you must use a DHCP server that's not on the local network, the usual practice is to use a relay agent.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        • rfx88

          @JKnott:

          AC3200 is acting as my main gateway, and I want to use it as DHCP server for local and VPN clients.

          VPN clients are generally assigned an address by OpenVPN.  Also, DHCP initially uses broadcasts, which are not normally routed.  This means when a VPN client issues a DHCP discover, it will not be passed to the DHCP server.  If you must use a DHCP server that's not on the local network, the usual practice is to use a relay agent.

          Thanks. I've enabled it but there's no change.

          I also removed routing from config. It now looks like this:

          push "route-gateway x.x.x.1";

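An added example, not part of the thread or of pfSense/OpenVPN: a check of the "Custom options" line from the first post against the client's adapter addresses. It assumes the warning in the thread means the pushed route-gateway does not fall inside the subnet of any client adapter, which is the state of a bridged TAP adapter that has not yet received a DHCP lease. All addresses and adapter names are constructed sample values, and the function names are hypothetical.

```python
import ipaddress
import re

# Matches one push "..." directive in a "Custom options" line.
PUSH_RE = re.compile(r'push\s+"([^"]*)"')

def parse_pushed_options(custom_options):
    """Return (route_gateway, routes, redirect_gateway) from the options string."""
    gateway, routes, redirect = None, [], False
    for body in PUSH_RE.findall(custom_options):
        words = body.split()
        if not words:
            continue
        if words[0] == "route-gateway" and len(words) >= 2:
            gateway = ipaddress.ip_address(words[1])
        elif words[0] == "route" and len(words) >= 3:
            routes.append(ipaddress.ip_network(f"{words[1]}/{words[2]}"))
        elif words[0] == "redirect-gateway":
            redirect = True
    return gateway, routes, redirect

def gateway_on_link(gateway, adapters):
    """Return the name of the adapter whose subnet contains the gateway, else None."""
    for name, cidr in adapters.items():
        if gateway in ipaddress.ip_interface(cidr).network:
            return name
    return None

def check(custom_options, adapters):
    """Report whether the pushed route-gateway is directly reachable."""
    gateway, _routes, _redirect = parse_pushed_options(custom_options)
    if gateway is None:
        return "no route-gateway pushed"
    nic = gateway_on_link(gateway, adapters)
    if nic is None:
        return f"route gateway {gateway} is not on-link for any adapter"
    return f"route gateway {gateway} reachable via {nic}"

# Constructed sample: same shape as the options in the post, with a made-up LAN.
OPTIONS = ('push "redirect-gateway def1";push "route 192.168.1.0 255.255.255.0"; '
           'push "route-gateway 192.168.1.1"')
# Constructed client state: TAP adapter self-assigned (no DHCP lease) vs. leased.
BEFORE_LEASE = {"Ethernet": "203.0.113.25/24", "TAP": "169.254.10.20/16"}
AFTER_LEASE = {"Ethernet": "203.0.113.25/24", "TAP": "192.168.1.50/24"}

if __name__ == "__main__":
    print(check(OPTIONS, BEFORE_LEASE))
    print(check(OPTIONS, AFTER_LEASE))
```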