• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Cant ping lan from Vpn client but other way around possible

Scheduled Pinned Locked Moved OpenVPN
4 Posts 2 Posters 2.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    denizv
    last edited by Apr 5, 2013, 8:47 PM

    Hi

    I setup vpn server successfully.
    My vpn server 10.0.0.0/24
    My local lan 192.168.1.0/24

    From vpn client, I can ping 10.0.0.1 and 192.168.1.1. I can access internet without problem. Client's ip is host's ip so everything seems correct. Lan clients can ping vpn clients but vpn clients cannot ping lan clients.
    I also added
    push "route 10.0.0.0 255.255.255.0"
    line to advanced section of vpn server. I added firewall rules both lan and openvpn section which should forward things but all failed please help me

    1 Reply Last reply Reply Quote 0
    • M
      marvosa
      last edited by Apr 7, 2013, 1:27 PM

      Need more info.

      Post your server.conf.
      Post your firewall rules.

      1 Reply Last reply Reply Quote 0
      • D
        denizv
        last edited by Apr 7, 2013, 11:49 PM

        ok

        I found openvpn conf file under /var/etc/openvpn/server1.conf im posting it

        dev ovpns1
        dev-type tun
        dev-node /dev/tun1
        writepid /var/run/openvpn_server1.pid
        #user nobody
        #group nobody
        script-security 3
        daemon
        keepalive 10 60
        ping-timer-rem
        persist-tun
        persist-key
        proto udp
        cipher AES-128-CBC
        up /usr/local/sbin/ovpn-linkup
        down /usr/local/sbin/ovpn-linkdown
        local 85.96.61.173
        tls-server
        server 10.0.0.0 255.255.255.0
        client-config-dir /var/etc/openvpn-csc
        username-as-common-name
        auth-user-pass-verify /var/etc/openvpn/server1.php via-env
        tls-verify /var/etc/openvpn/server1.tls-verify.php
        lport 1194
        management /var/etc/openvpn/server1.sock unix
        max-clients 10
        push "route 192.168.1.0 255.255.255.0"
        push "dhcp-option DNS 193.140.100.210"
        push "dhcp-option DNS 88.255.242.6"
        push "redirect-gateway def1"
        client-to-client
        ca /var/etc/openvpn/server1.ca
        cert /var/etc/openvpn/server1.cert
        key /var/etc/openvpn/server1.key
        dh /etc/dh-parameters.1024
        tls-auth /var/etc/openvpn/server1.tls-auth 0
        comp-lzo
        persist-remote-ip
        float
        push "route 10.0.0.0 255.255.255.0"

        push "route 192.168.1.0 255.255.255.0"

        Im also postin firewall rules

        I hope these help

        1 Reply Last reply Reply Quote 0
        • D
          denizv
          last edited by Apr 8, 2013, 7:42 PM

          I installed pfsense 2.1beta using snaphots. I configured it in "tap" mode. After dealing with windows firewall everything seems to be ok now.
          Except, when i try to connect to vpn server from local network, it connects but nothing works. It's not a big issue since nobody needs to use VPN in local network but it was working in v2.0.2 though. I noticed "Backend for authentication" line is missing in openvpn/server page. I thought this is issue or maybe tap mode is causing it. It would be better if i could test vpn from local network though.

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received