Can't ping LAN from VPN client, but the other way around is possible
-
Hi
I set up the VPN server successfully.
My VPN server: 10.0.0.0/24
My local LAN: 192.168.1.0/24
From the VPN client, I can ping 10.0.0.1 and 192.168.1.1. I can access the internet without problems. The client's IP is the host's IP, so everything seems correct. LAN clients can ping VPN clients, but VPN clients cannot ping LAN clients.
I also added
push "route 10.0.0.0 255.255.255.0"
line to the advanced section of the VPN server. I added firewall rules in both the LAN and OpenVPN sections, which should forward things, but all failed. Please help me.
-
Need more info.
Post your server.conf.
Post your firewall rules.
-
OK.
I found the OpenVPN conf file under /var/etc/openvpn/server1.conf. I'm posting it:
dev ovpns1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 85.96.61.173
tls-server
server 10.0.0.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc
username-as-common-name
auth-user-pass-verify /var/etc/openvpn/server1.php via-env
tls-verify /var/etc/openvpn/server1.tls-verify.php
lport 1194
management /var/etc/openvpn/server1.sock unix
max-clients 10
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 193.140.100.210"
push "dhcp-option DNS 88.255.242.6"
push "redirect-gateway def1"
client-to-client
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /etc/dh-parameters.1024
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo
persist-remote-ip
float
push "route 10.0.0.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
I'm also posting the firewall rules.
I hope these help.
-
I installed pfSense 2.1 beta using snapshots. I configured it in "tap" mode. After dealing with the Windows firewall, everything seems to be OK now.
Except, when I try to connect to the VPN server from the local network, it connects but nothing works. It's not a big issue since nobody needs to use the VPN in the local network, but it was working in v2.0.2 though. I noticed the "Backend for authentication" line is missing on the openvpn/server page. I thought this is the issue, or maybe tap mode is causing it. It would be better if I could test the VPN from the local network though.