Netgate Discussion Forum

    Can't ping LAN from VPN client but other way around possible

    OpenVPN
    • denizv

      Hi

      I set up the VPN server successfully.
      My VPN server: 10.0.0.0/24
      My local LAN: 192.168.1.0/24

      From the VPN client, I can ping 10.0.0.1 and 192.168.1.1. I can access the internet without problems. The client's IP is the host's IP, so everything seems correct. LAN clients can ping VPN clients, but VPN clients cannot ping LAN clients.
      I also added the
      push "route 10.0.0.0 255.255.255.0"
      line to the advanced section of the VPN server. I added firewall rules to both the LAN and OpenVPN sections, which should forward things, but all failed. Please help me.

      • marvosa

        Need more info.

        Post your server.conf.
        Post your firewall rules.

        • denizv

          OK

          I found the OpenVPN conf file under /var/etc/openvpn/server1.conf. I'm posting it:

          dev ovpns1
          dev-type tun
          dev-node /dev/tun1
          writepid /var/run/openvpn_server1.pid
          #user nobody
          #group nobody
          script-security 3
          daemon
          keepalive 10 60
          ping-timer-rem
          persist-tun
          persist-key
          proto udp
          cipher AES-128-CBC
          up /usr/local/sbin/ovpn-linkup
          down /usr/local/sbin/ovpn-linkdown
          local 85.96.61.173
          tls-server
          server 10.0.0.0 255.255.255.0
          client-config-dir /var/etc/openvpn-csc
          username-as-common-name
          auth-user-pass-verify /var/etc/openvpn/server1.php via-env
          tls-verify /var/etc/openvpn/server1.tls-verify.php
          lport 1194
          management /var/etc/openvpn/server1.sock unix
          max-clients 10
          push "route 192.168.1.0 255.255.255.0"
          push "dhcp-option DNS 193.140.100.210"
          push "dhcp-option DNS 88.255.242.6"
          push "redirect-gateway def1"
          client-to-client
          ca /var/etc/openvpn/server1.ca
          cert /var/etc/openvpn/server1.cert
          key /var/etc/openvpn/server1.key
          dh /etc/dh-parameters.1024
          tls-auth /var/etc/openvpn/server1.tls-auth 0
          comp-lzo
          persist-remote-ip
          float
          push "route 10.0.0.0 255.255.255.0"

          push "route 192.168.1.0 255.255.255.0"

          I'm also posting the firewall rules.

          I hope these help.

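An added example, not part of the thread and not pfSense or OpenVPN code: a small Python check over the routing directives of the server1.conf posted above, reporting pushed routes that are duplicated, that overlap the tunnel network, or that sit alongside a pushed default gateway. The function names and the embedded sample are constructed here, and the check assumes IPv4 `server` and `push "route ..."` directives only.

```python
import ipaddress
from collections import Counter

# Constructed sample: the routing-relevant directives from the server1.conf posted above.
SAMPLE_CONF = '''\
dev-type tun
server 10.0.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1"
client-to-client
push "route 10.0.0.0 255.255.255.0"

push "route 192.168.1.0 255.255.255.0"
'''

def parse(conf):
    """Return (tunnel network or None, pushed route networks, redirect-gateway pushed?)."""
    tunnel, routes, redirect = None, [], False
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments such as "#user nobody"
        if not line:
            continue
        words = line.replace('"', " ").split()   # push "route a b" -> push route a b
        if words[0] == "server" and len(words) >= 3:
            tunnel = ipaddress.ip_network(f"{words[1]}/{words[2]}", strict=False)
        elif words[:2] == ["push", "route"] and len(words) >= 4:
            routes.append(ipaddress.ip_network(f"{words[2]}/{words[3]}", strict=False))
        elif words[:2] == ["push", "redirect-gateway"]:
            redirect = True
    return tunnel, routes, redirect

def audit(conf):
    """Return a list of findings about the routes this config pushes to clients."""
    tunnel, routes, redirect = parse(conf)
    findings = []
    for net, count in Counter(routes).items():
        if count > 1:
            findings.append(f"duplicate: route {net} is pushed {count} times")
    for net in dict.fromkeys(routes):            # each distinct route once, in file order
        if tunnel is not None and net.overlaps(tunnel):
            findings.append(f"redundant: route {net} overlaps tunnel network {tunnel}")
    if redirect and routes:
        findings.append("redirect-gateway: default route already sends all client traffic into the tunnel")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

On the posted config all three findings fire, so adding more push "route" lines, as tried in the first post, does not change which networks the client routes into the tunnel.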
          • denizv

            I installed pfSense 2.1 beta using snapshots. I configured it in "tap" mode. After dealing with the Windows firewall, everything seems to be OK now.
            Except, when I try to connect to the VPN server from the local network, it connects but nothing works. It's not a big issue since nobody needs to use the VPN in the local network, but it was working in v2.0.2 though. I noticed the "Backend for authentication" line is missing in the openvpn/server page. I thought this is the issue, or maybe tap mode is causing it. It would be better if I could test the VPN from the local network though.
