Cant Ping\Access anything on Local Network apart from the gateway.

bigp

I will check them out, but i don't believe i have any custom options set. Is there a way i can generate the OpenVPN server config and post it?

viragomann

Just make screenshots and add it to your post as attachments. Don't use spaces in the file names.

bigp

Just checked I have no client specific overrides and I have nothing set in advanced configuration.

Re:
Do you have something special in the "Custom options" in the server ? Where would I find custom options?

viragomann

In the server config right down at the bottom.

It would be more meaningful to post screenshots here. It's easy.

bigp

viragomann please find attached server screenshots

![SERVER CONFIG 1.png](/public/imported_attachments/1/SERVER CONFIG 1.png)
![SERVER CONFIG 1.png_thumb](/public/imported_attachments/1/SERVER CONFIG 1.png_thumb)
![SERVER CONFIG 2.png](/public/imported_attachments/1/SERVER CONFIG 2.png)
![SERVER CONFIG 2.png_thumb](/public/imported_attachments/1/SERVER CONFIG 2.png_thumb)
![SERVER CONFIG 3.png](/public/imported_attachments/1/SERVER CONFIG 3.png)
![SERVER CONFIG 3.png_thumb](/public/imported_attachments/1/SERVER CONFIG 3.png_thumb)
![SERVER CONFIG 4.png](/public/imported_attachments/1/SERVER CONFIG 4.png)
![SERVER CONFIG 4.png_thumb](/public/imported_attachments/1/SERVER CONFIG 4.png_thumb)

viragomann

Everything looks fine in the setup. So I've no Idea where the strange routes come from.
Maybe they are not from the VPN setup. Make a route print on your Windows while no VPN is connected.

bigp

Hi - I have attached 3 route prints. One without any VPN as requested. One with the working VPN for the other WAN link, and one for the non working wan link.

Route_with_no_connection.txt
Route_with_not_working_WANVPNinterface.txt
Route_with_working_WANVPNinterface.txt

viragomann

Obviously the strange route is caused by the VPN connection.

10.20.0.0      255.255.0.0        10.20.0.1        10.20.2.6     31

But your config looks well. So no idea why.

So try to change the VPN tunnel subnet to 10.23.0.0/24 or any other outside of 10.20.0.0/16.

bigp

Ok so I've changed the tunnel to what you suggested and I now have access to both the local network and gateway https://forum.pfsense.org/Smileys/default/grin.gif

However I know cant access the internet? getting closer lol

viragomann

For accessing the internet over VPN it's needed to add an outbound NAT rule for each VPN tunnel subnet. Firewall > NAT > Outbound

By default, pfsense does this automatically if your outbound NAT is set to automatic or hybrid rule generation. But if you change the tunnel that could fail.

bigp

Thanks very much for all your help, I really appreciate it. Its drove me nuts this problem for days.

I added the attached NAT Outbound rule and all is working.

Out of interest why do you think the 10.20.2.0 tunnel wasn't working. I had also already tried changing the address to be 10.20.0.0 which also didn't work. I'm not the best when it comes to networks!

Thanks again.

rule.png_thumb

viragomann

Fine that everything is working at last.

I mentioned the problem above. Your client gets a route pushed from the VPN server that directs the subnet 10.20.0.0/16 to 10.20.0.1. I don't know, where this comes from and you get it on both setup, the working and the not working one. This subnet includes the tunnel subnet (10.20.2.0/24) which you have used before. So your access to the VPN server was miss-routed.
The other tunnel subnet was outside of 10.20.0.0/16, so it worked.

bigp

Thanks again for all your help.