I can access some nodes on the LAN, but not others. (SOLVED)
-
Config:
WAN: 172.16.69.210
LAN: 10.0.0.0/24
OPT1: 10.0.1.0/24 vlan 10
OPT2: 10.0.2.0/24 vlan 20
OpenVPN: 10.0.3.0/24

Over the VPN I'm able to connect to some IP addresses on the LAN network, but others I can't connect to. I have a Dell M1000e and I can't access the CMC or iDRAC consoles (10.0.0.10 - 10.0.0.16), but I can access the consoles on the I/O switch modules (10.0.0.21 - 10.0.0.23). I can also access a few Ubuntu hosts on the LAN network. I can ping the gateway at 10.0.0.1 and 10.0.3.1. When I try to ping 10.0.0.10 (the CMC for the M1000e) I just get a request timeout. I can successfully ping 10.0.0.10 from within the diagnostics menu in pfSense and I can access the CMC just fine from a different node that is on the LAN network. My firewall rule tables are wide open; even with "Disable all packet filtering" checked, it still doesn't work.
The state table shows: ovpns1 tcp 10.0.3.2:52097 -> 10.0.0.10:22 CLOSED:SYN_SENT
I see the following in the OpenVPN debug log:
Jan 9 22:36:05 openvpn 58279 nbritton/172.16.226.79 GET INST BY VIRT: 10.0.0.10 [failed] -
I deleted pfSense and installed ClearOS 7. With ClearOS I have the exact same problem. I tried switching the IP address of one of the iDRACs with the working IP of one of the I/O switch modules and that did nothing; the problem stayed with the iDRAC.
-
I solved the problem. The gateway setting on the CMC and iDRAC was misconfigured with the wrong IP address. They were all configured with 10.0.0.254 as the gateway; I corrected it to 10.0.0.1 and everything started working properly.
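
Added example, not part of the original posts: a small Python model of the return path that explains the symptoms in this thread (LAN nodes and the pfSense diagnostics ping reach the CMC, VPN clients do not). The function names, the LAN node 10.0.0.50, the /24 mask on the hosts, and the I/O module's gateway value are assumptions; "lost" assumes nothing at 10.0.0.254 routes 10.0.3.0/24.

```python
import ipaddress

ROUTER_LAN_IP = "10.0.0.1"  # pfSense LAN address from the thread


def reply_path(host_ip, prefix, gateway, source_ip, router_ip=ROUTER_LAN_IP):
    """Model how a host sends its reply back to source_ip.

    'on-link'    : source is in the host's own subnet, no gateway involved
    'via-router' : reply goes to the router that knows the source's network
    'lost'       : reply is handed to a gateway address that is not the router
    """
    net = ipaddress.ip_interface(f"{host_ip}/{prefix}").network
    if ipaddress.ip_address(source_ip) in net:
        return "on-link"
    if ipaddress.ip_address(gateway) == ipaddress.ip_address(router_ip):
        return "via-router"
    return "lost"


# Constructed inventory: (name, ip, prefix, configured default gateway)
HOSTS = [
    ("CMC", "10.0.0.10", 24, "10.0.0.254"),         # gateway as found in the thread
    ("IO-module", "10.0.0.21", 24, "10.0.0.1"),     # assumed to be set correctly
]

# Sources that tried to reach the hosts in the thread
SOURCES = {
    "pfSense diag ping": "10.0.0.1",
    "LAN node": "10.0.0.50",      # constructed address
    "VPN client": "10.0.3.2",     # from the state table entry
}


def audit(hosts=HOSTS, sources=SOURCES):
    """Return {(host_name, source_name): path} for every combination."""
    return {
        (name, src_name): reply_path(ip, prefix, gw, src_ip)
        for name, ip, prefix, gw in hosts
        for src_name, src_ip in sources.items()
    }


if __name__ == "__main__":
    for (host, src), path in audit().items():
        print(f"{host:10} <- {src:18} reply: {path}")
```

The SYN_SENT state with no reply seen on ovpns1 matches the "lost" case: the request arrives, but the answer goes to the wrong next hop.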