Newbie Openvpn settings question
-
Hi,
I'm quite new to this, so here goes: running pfsense 2.0rc2 on an alix board.
3 ports used: WAN / LAN / WORKLAN. LAN port is 192.168.10.1, WORKLAN is 192.168.20.1.
I have an openvpn client installed and it seems to correctly connect to my work openvpn server.
Jun 13 19:42:15 openvpn[61218]: PUSH: Received control message: 'PUSH_REPLY,route 10.98.0.0 255.255.0.0,dhcp-option DNS 10.98.247.198,dhcp-option DNS 10.98.250.1,route
10.99.0.0 255.255.0.0,route 192.168.64.0 255.255.255.0,route 10.97.0.0 255.255.0.0,route 172.25.25.0 255.255.255.0,route 172.21.0.0 255.255.0.0,route
192.168.254.0 255.255.255.0,route 10.123.45.0 255.255.255.0,route 172.21.1.1,ping 10,ping-restart 60,ifconfig 172.21.1.14 172.21.1.13'
Jun 13 19:42:15 openvpn[61218]: OPTIONS IMPORT: timers and/or timeouts modified
Jun 13 19:42:15 openvpn[61218]: OPTIONS IMPORT: --ifconfig/up options modified
Jun 13 19:42:15 openvpn[61218]: OPTIONS IMPORT: route options modified
Jun 13 19:42:15 openvpn[61218]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
How can I make my WORKLAN connect to the vpn and leave the LAN separate? I've also added an interface with the ovpc1.
But as I have no knowledge of VPNs I'm really stuck.
Thanks for any help.
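The pushed options in the log above, parsed in Python as an added example that is not part of the original post: it lists the routes the client imports and checks them against the local subnets. The /24 prefix lengths for LAN and WORKLAN are an assumption, and the function names are hypothetical.

```python
import ipaddress

# Control message copied from the log in the post above (line wraps removed).
PUSH_REPLY = (
    "PUSH_REPLY,route 10.98.0.0 255.255.0.0,dhcp-option DNS 10.98.247.198,"
    "dhcp-option DNS 10.98.250.1,route 10.99.0.0 255.255.0.0,"
    "route 192.168.64.0 255.255.255.0,route 10.97.0.0 255.255.0.0,"
    "route 172.25.25.0 255.255.255.0,route 172.21.0.0 255.255.0.0,"
    "route 192.168.254.0 255.255.255.0,route 10.123.45.0 255.255.255.0,"
    "route 172.21.1.1,ping 10,ping-restart 60,ifconfig 172.21.1.14 172.21.1.13"
)

# Interface addresses from the post; the /24 prefix length is an assumption.
LOCAL_NETS = {"LAN": "192.168.10.0/24", "WORKLAN": "192.168.20.0/24"}


def parse_push_reply(msg):
    """Split a PUSH_REPLY into routes, DNS servers, tunnel endpoints and the rest."""
    out = {"routes": [], "dns": [], "ifconfig": None, "other": []}
    for opt in msg.split(",")[1:]:          # field 0 is the literal "PUSH_REPLY"
        f = opt.split()
        if not f:
            continue
        if f[0] == "route" and len(f) >= 2:
            # OpenVPN treats a route without a netmask as a host route (/32).
            mask = f[2] if len(f) > 2 else "255.255.255.255"
            out["routes"].append(ipaddress.ip_network(f"{f[1]}/{mask}", strict=False))
        elif f[:2] == ["dhcp-option", "DNS"] and len(f) == 3:
            out["dns"].append(ipaddress.ip_address(f[2]))
        elif f[0] == "ifconfig" and len(f) == 3:
            out["ifconfig"] = (f[1], f[2])  # (local tunnel IP, remote peer IP)
        else:
            out["other"].append(opt.strip())
    return out


def overlapping(routes, local_nets):
    """Return (name, route) pairs where a pushed route collides with a local subnet."""
    nets = {n: ipaddress.ip_network(c) for n, c in local_nets.items()}
    return [(n, r) for r in routes for n, net in nets.items() if r.overlaps(net)]


if __name__ == "__main__":
    parsed = parse_push_reply(PUSH_REPLY)
    for r in parsed["routes"]:
        print("pushed route:", r)
    print("DNS:", parsed["dns"], "tunnel:", parsed["ifconfig"])
    print("collisions with local subnets:", overlapping(parsed["routes"], LOCAL_NETS))
```

For this message the server pushes nine routes, the last of them a host route, and none collides with 192.168.10.0/24 or 192.168.20.0/24.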
-
If I understand you correctly, you can connect from the OpenVPN client to the pfsense webGUI/OpenVPN server but you cannot connect to the WORKLAN subnet?
Just go to OpenVPN Server, edit and scroll down to advanced:
Enter:
push "route 192.168.20.0 255.255.255.0"
Save, restart, reconnect OpenVPN client.
PS: Remember to create a firewall rule to allow your OpenVPN client/network to access the WORKLAN.
-
First create a deny rule for both the lan and vpn networks to "see" each other, and after that it should be done.
-
Hi,
Thanks for the replies. Actually there shouldn't be access from openvpn to the WORKLAN.
But when adding the rule to the openvpn, the normal LAN doesn't work anymore.
Regards, Jan.
-
@Metu69salemi
Why create a deny rule!?
@on6zg
I do not really understand what you want to realize. Perhaps I have some misunderstanding because English is not my native language. Could you try to explain the problem to me in other words and perhaps post a screenshot or something which explains your scenario with IP addresses and subnets?
-
If I understood, he wanted to deny access from other networks than openvpn and worklan.
-
OK, so my normal lan (physical port vr1) is used for normal internet traffic to WAN (physical port vr2). I made a second WORKLAN (physical port vr3) with a PC and a server on it. I can access my WORKLAN through my normal lan, but not the other way around.
normal lan =192.168.10.X /24
worklan =192.168.1.X /24
Now I'm trying to access a remote network via an openvpn through my worklan; the other lan should not see it or be influenced.
When setting the push gateway in the advanced tab I seem to route all traffic from the worklan through the openvpn and the normal lan doesn't work anymore :(
That's the current situation.
Thanks for all the help
Jan.