Local network is not reachable through the vpn-tunnel
-
Hi,
I am new here and hope that somebody has had the same problem and can help me, so thanks for your answers. Here is the problem:
I have configured my pfSense as OpenVPN server and my Ubuntu notebook as client.
The vpn - tunnel seems to be ok because the logs say that "Initialization Sequence Completed".
But then I can't reach the "Local network" (it is written in the pfsense openvpn server configuration).
I think my routing table isn't ok, but how can I fix it?
Here is the routing table:
Ziel            Router          Genmask         Flags Metric Ref Use Iface
192.168.2.1     192.168.2.5     255.255.255.255 UGH   0      0   0   tun0
192.168.2.5     *               255.255.255.255 UH    0      0   0   tun0
192.168.1.0     192.168.2.5     255.255.255.0   UG    0      0   0   tun0
192.168.1.0     *               255.255.255.0   U     2      0   0   wlan0
192.168.122.0   *               255.255.255.0   U     0      0   0   virbr0
link-local      *               255.255.0.0     U     1000   0   0   wlan0
default         192.168.1.1     0.0.0.0         UG    0      0   0   wlan0
Is the default route ok? And if not, how can I fix it?
Thank you for your answers,
l084
-
Without a lot more information about how your network is numbered, and how the OpenVPN server is set up, it's impossible to speculate what the problem may be.
-
Which information do you need?
Here are some which I hope should be useful:
My network where the client stands has 192.168.1.0/24
The Address pool the openvpn server is using is 192.168.2.0/24
The local network which the client should be able to access is 192.168.1.0/24 (it's not the one the client stands in).
Like I said above, just tell me which information is needed.
Thanks for help.
-
There's your problem. It will never route over the OpenVPN tunnel because the subnets overlap.
Renumber one or both of the LANs so they are not the same, and it would work.
-
Is there another possible solution, because I can change one of the subnets, but I can't assure that the client won't get in a subnet that is the same again?
How do other OpenVPN users ensure that something like that doesn't happen?
Thanks for your answer before, and I hope you can give me a hint on this question again.
-
There is no way to guarantee that it won't happen again.
That is why when you design a network you should avoid using the most common networks (192.168.0.x, 192.168.1.x, 192.168.2.x, 10.0.0.x, 10.0.1.x, etc) and instead use something with less common numbering.
There will probably be numerous home networks, hotels, coffee shops, etc. that use 192.168.1.x, and you would always have trouble connecting from those locations; it doesn't matter what type of VPN you use.
-
Thanks for the answer. That helps me a lot. I will go and recreate my local network.
It's a very good forum, keep it up.
Greetings, l084
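
The overlap diagnosed in this thread can be checked mechanically on a client before or after connecting. The following is an added example, not part of the original posts: it parses the routing table posted above (embedded as constructed sample input) and reports networks that are routed into tun0 while also attached to a local interface. The function names and the alias values for "default" and "link-local" are assumptions of this example.

```python
import ipaddress

# Constructed sample: the client's routing table as posted in this thread
# (`route` output; "*" in the gateway column means directly connected).
ROUTE_OUTPUT = """\
Ziel Router Genmask Flags Metric Ref Use Iface
192.168.2.1 192.168.2.5 255.255.255.255 UGH 0 0 0 tun0
192.168.2.5 * 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 192.168.2.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 2 0 0 wlan0
192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0
link-local * 255.255.0.0 U 1000 0 0 wlan0
default 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0
"""

# Names that `route` prints instead of addresses (assumed standard values).
ALIASES = {"default": "0.0.0.0", "link-local": "169.254.0.0"}


def parse_routes(text):
    """Return a list of (network, gateway, iface) tuples, one per table row."""
    routes = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) != 8:
            continue
        net = ipaddress.ip_network(f"{ALIASES.get(f[0], f[0])}/{f[2]}")
        routes.append((net, f[1], f[7]))
    return routes


def vpn_conflicts(routes, vpn_iface="tun0"):
    """VPN-routed networks that overlap a network directly attached elsewhere."""
    vpn = [n for n, _, i in routes if i == vpn_iface]
    local = [(n, i) for n, gw, i in routes if i != vpn_iface and gw == "*"]
    return [(v, i) for v in vpn for n, i in local if v.overlaps(n)]


def shadowed_gateways(routes, vpn_iface="tun0"):
    """Next hops on local interfaces whose address falls in a VPN-routed network."""
    vpn = [n for n, _, i in routes if i == vpn_iface]
    hops = {gw for _, gw, i in routes if i != vpn_iface and gw != "*"}
    return sorted(g for g in hops if any(ipaddress.ip_address(g) in n for n in vpn))


if __name__ == "__main__":
    routes = parse_routes(ROUTE_OUTPUT)
    for net, iface in vpn_conflicts(routes):
        print(f"conflict: {net} is pushed by the VPN but also attached to {iface}")
    for gw in shadowed_gateways(routes):
        print(f"gateway {gw} lies inside a VPN-routed network")
```

On the posted table this flags 192.168.1.0/24 (present on both tun0 and wlan0) and shows that the client's own default gateway 192.168.1.1 sits inside the network the VPN is trying to route.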