Can't access remote network through OpenVPN tunnel
-
I set up an OpenVPN server on my pfSense box. I followed the instructions per the pfSense document page "OpenVPN Remote Access Server". I worked through the wizard, and used the OpenVPN export plugin to export my config files, certs, and keys just fine. I use Linux as my client machine. I initiate the connection, enter my username and password, and the openvpn output tells me that I am connected. However, when I try to ping any machine on the network behind my tunnel I get this message: "ping: sendmsg: Operation not permitted". I tried googling for information on this error but there was nothing specific about my situation. I do see a lot of talk to check routing configurations. When I run route -n I can see the remote network with my OpenVPN network as the gateway. I also configured the OpenVPN interface to allow all protocols, which is why this is confusing me. I also enabled logging on the pfSense firewall rule and I don't see anything getting blocked. Any ideas, suggestions, or just a flat out statement of something obvious I missed will be greatly appreciated. Thanks
Brian.
-
What rules, exactly, did you place in Firewall > Rules, OpenVPN tab??
-
Attached is a snapshot of the Firewall Rules I have set up on the OpenVPN interface
![Firewall Rules.JPG](/public/imported_attachments/1/Firewall Rules.JPG)
-
Check the local firewall on the host you're trying to ping then.
-
And there it is…the OBVIOUS :-. I'm so happy that this post will forever live in the ether documenting my childish mistake.
I disabled my firewall and everything works as advertised. Thank you for the help.
BTW, I really appreciate the network diagram you link to in your signature. It really helps to decipher networking terms you may use when troubleshooting people's problems. For instance, when you mentioned host I initially thought you were referring to the server where OpenVPN was running...but looking at your diagram I immediately know what you mean when you say host. Would you mind if I also use it in my signature?
-
No. It's MINE!
I guess if you want.
You would be AMAZED how unobvious local "software" firewalls are. Everyone beats their head against one occasionally. It still happens to me when I take my laptop to a hotel, enable the firewall, then try to use it for testing some days later. It's something you just get used to checking when you should be able to ping a host and can't. (And they're worth the trouble, to be sure).
I try to use the terminology and formatting found here:
https://doc.pfsense.org/index.php?title=Wiki_Style_Guide
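
An added example, not part of the original thread: on a Linux client, "ping: sendmsg: Operation not permitted" is what ping prints when the client's own netfilter OUTPUT chain refuses the packet, so the local ruleset can be checked offline against the tunnel interface. It assumes the client firewall is iptables (the thread does not name it); the ruleset, interface names and addresses are constructed, and `output_verdict` is a hypothetical helper.

```python
import ipaddress
import shlex

# Constructed `iptables-save` excerpt: a default-deny client that only allows lo and eth0.
SAMPLE_RULESET = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
COMMIT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def _matches(opts, iface, proto, dst):
    """True if a rule's -o/-p/-d options all match the outgoing packet."""
    o = opts.get("-o")
    if o and not (iface.startswith(o[:-1]) if o.endswith("+") else iface == o):
        return False
    if opts.get("-p", "all") not in ("all", proto):
        return False
    d = opts.get("-d")
    return not d or ipaddress.ip_address(dst) in ipaddress.ip_network(d, strict=False)

def output_verdict(ruleset, iface, proto, dst):
    """Return (verdict, deciding line) for a locally generated packet in filter/OUTPUT."""
    table, policy = "", "ACCEPT"
    for line in ruleset.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()
        elif table != "filter":
            continue
        elif line.startswith(":OUTPUT "):
            policy = line.split()[1]
        elif line.startswith("-A OUTPUT "):
            args = shlex.split(line)[2:]
            # Rules with matches this sketch does not model (negation, -m, -s, ...) are skipped.
            if len(args) % 2 or any(k not in ("-o", "-p", "-d", "-j") for k in args[::2]):
                continue
            opts = dict(zip(args[::2], args[1::2]))
            if opts.get("-j") in TERMINAL and _matches(opts, iface, proto, dst):
                return opts["-j"], line
    return policy, f"default policy {policy}"
```

With the sample ruleset, traffic leaving `tun0` falls through to the default DROP policy even though the VPN is connected and the route exists; a rule scoped to the tunnel interface and the remote subnet lets it through without disabling the firewall.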
-
I'm having the same problem.
Firewall is not running on my Mac and I have the same IP any any rule on my OpenVPN rule tab.
-
What rule?
-
The same Hayward posted above on his Firewall>Rules>OpenVPN Passing IPv4 any any source any port any destination any port.
I can ping the remote host from my firewall when OpenVPN shows that it is up. I try to ping Google public DNS and that fails from the firewall.
-
> I try to ping Google public DNS and that fails from the firewall.

What does that have to do with OpenVPN? If you're having a problem you should probably start another thread.
-
I'm describing the failures that I'm seeing because I can't access a network external to mine, kind of like what this thread is called.
-
Good luck.
-
I see what you're saying. Thanks.