Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Site to lan

    OpenVPN
    3
    6
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      ceceghini
      last edited by

      Hi, I'm a beginner of pfsense.

      I' have a problem with openvpn and "site to lan" access.

      The openvpn works correctly and from my client with vpn running i ping the LAN ip address of pfsense server. I' dont ping the IP of another server that is on the same private network. I'see in firewall log the record with PASS action. I presume that is ok. There is another parameter to configure? I'need enable ip routing or similar ?

      Thank's Cesare

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        If the firewall passes it, the firewall may be doing all it can do. If it comes in from the client, leaves the LAN going to your local network, and then it doesn't come back, it would be a problem on whatever you're sending it to.

        Make sure that whatever you're trying to reach is using pfSense as its default gateway, and that there isn't a local firewall on the target device/server that would be blocking that traffic.

        Some packet captures might help track down where it's going or not going.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          marvosa
          last edited by

          Post your configs.  I'd be willing to bet you either are not pushing the correct routes to your clients or you haven't disabled the software firewalls on your clients.

          1 Reply Last reply Reply Quote 0
          • C
            ceceghini
            last edited by

            I solved it, it was a route problem. I set as default gateway the LAN IP of pfsense server. But now the problem is that the server can not reach the public network. I've set as default gateway and as dns server the LAN ip pf pfsense. The dns work. In a ssh console of pfsense with tcpdump i see the request from server to external ip but don't see the response.

            Do you have any idea?

            Thank's you very much

            Cesare

            1 Reply Last reply Reply Quote 0
            • M
              marvosa
              last edited by

              So, still no details?  It sounds more like you made a random change and traded issue for another.

              Manually changing the default gateway on the client is not the solution.

              Please give more details so we can help you troubleshoot.

              1 Reply Last reply Reply Quote 0
              • C
                ceceghini
                last edited by

                Sorry I explained badly.

                The problem was the default gateway of server (192.168.20.2) that is on the same network interface LAN (192.168.20.1) Server pfSense. The default gateway are another address now is 192.168.20.1. Now the client that connect to pfsense throught openvpn che see the server (192.168.20.2).

                Now the problem is inverse, from the server 192.168.20.2 that has default gateway the private address of pfsense server (192.168.20.1) can't ping address outside the pfsense server.

                How do I retrieve the configuration to be put on the forum ?

                thank's Cesare

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.