Can't connect other clients

pfBug

I've been playing around with OpenVPN on my pfsense box. I was able connect to my pfsense box from a different public IP, but I couldn't connect to any of the devices connected to my home network. While pinging the virtual network, command prompt timed out. When not connected it reported back that my the destination didn't exist, or something like that if I recall, which makes since considering the domain doesn't exist on the network I was trying to connect from.

I'm sure there is a problem with my configuration. I wasn't really sure what address to select for my tunnel, and I sort of understand what it does.

My goal right now is to be able to connect to the other clients on my home network. If anyone can assist me with this I'd really appreciate it.

phil.davis

Post the config of your OpenVPN Road Warrior Server, and firewall rules on OpenVPN tab.
You need to tell the server the LAN subnet, in Local Network/s, so it will push that route to the client.
You need rule/s on OpenVPN tab to allow the incoming connects from remote clients to LAN subnet addresses.

pfBug

Since a newb to pfsense and OpenVPN I don't understand some of the jargon you used. But, here is the video I followed while configuring my pfsense box.

Youtube Video

And here are the firewall rules under the OpenVPN tab.

If I've provided the wrong info let me know and I'll correct it. And thank you for your reply.

![Firewall Rules pfsense.png](/public/imported_attachments/1/Firewall Rules pfsense.png)
![Firewall Rules pfsense.png_thumb](/public/imported_attachments/1/Firewall Rules pfsense.png_thumb)

phil.davis

Post a screen shot of the VPN->OpenVPN, Server settings screen. If it has a public IP address in there somewhere then you can black that out.

pfBug

Here ya go.

VPN.png_thumb

dotdash

I'd assume Phil wanted you to click the 'edit' button and show that screen, not the summary screen.

phil.davis

@dotdash:

I'd assume Phil wanted you to click the 'edit' button and show that screen, not the summary screen.

Yes please

pfBug

Ah, sorry for the confusion. I've been gathering my screenshots by calling my father and talking him through the process. I'm sure you all know what troubleshooting via phone is like. But regardless, thank you for your patients. It's refreshing to be on a forum where people aren't derogatory to newbs.

Anyway, I think I've got it this time. Didn't see any public IPs listed. But as I mentioned a few posts up, my information should be the same as what the video I linked to. I followed it exactly so I could try out OpenVPN. That's probably why I can't connect to the other clients on my home network via OpenVPN.

![VPN Settings.png](/public/imported_attachments/1/VPN Settings.png)
![VPN Settings.png_thumb](/public/imported_attachments/1/VPN Settings.png_thumb)

phil.davis

That all looks OK. The only potential issue I can see is that the local LAN behind the server is 192.168.1.0/24. If the place the client is connecting from is also 192.168.1.0/24 (or includes that), then the client will try to talk locally to 192.168.1.0/24 when it should be sending that traffic across the OpenVPN link.
If that is an issue, then, if you can, try connecting from somewhere with different private address space and see if it works.
In the long term, it will pay to change the LAN subnet behind the OpenVPN server to be some different private address space - http://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces - picking a "random" chunk of 172.16.0.0/12 is likely to avoid clashes with the local coffee shop WiFi.