Unable to reach LAN IP after connecting to openvpn
-
THE HOST FIREWALL!!! ie the client on the lan side your trying to ping, its software firewall... Went over this way back in the thread..
Windows out of the box is not going to let some IP (tunnel network your remote guy got from vpn) ping it..
-
@johnpoz I have disabled all the Windows firewall but no luck
-
If you can ping your lan IP of pfsense, then your going down the tunnel.. Then that means you can get to the lan network... So sniff on the lan interface while you ping some lan client from your vpn... Do you see it send ping go towards the client. Do you see a response..
Here is example from my phone pinging my 192.168.1.100 box..
-
did you mess with openvpn firewall rules.. The wizard will create a any any rule.. Did you delete this - not use the wizard? Modify it?
-
@johnpoz the rule is there, i have used the wizard.
look like problem is different, all the clients are getting same ip after connecting vpn :(
-
Are you connecting multiple clients at the time? Multiple clients connected at the same time would not get the same IP. But yes client A connects, then disconnections and client B connects then sure it could get the same IP that A had before.
What does that have to do with pinging inbound to something on the lan?
-
@johnpoz Yes I am connecting multiple client in same time and getting single ip for all the client, I think if we solve this issue we will be able to solve the ping issue as well.
-
Are clients as using the same creds/certs access?
Did you setup some client override following some previous guide that you did not remove?
-
@johnpoz Yes right you are i am using the same access and cert for 2 number of vpn connection.
-
@johnpoz Thanks for the pointing out the user access thing.. now ip is different for the different users.. please please help me on the ping issue please :)
-
So your client can ping the pfsense lan IP - right?
If so then the tunnel is there and your client is going down the tunnel. Then again this screams firewall on the host your trying to ping on the lan, or the device not having a gateway or pointing to different gateway that pfsense, or having a route that says your tunnel network uses a different gateway.
Please sniff on your lan interface while you ping one of your lan IPs.. Like I showed in my example.
-
@johnpoz thanks TON to you for your all support, I am able to solve this issue by adding outbound NAT.
-
So you had messed with your outbound nat like I brought up way earlier in the thread.. If your outbound nat is automatic when you run through the openvpn wizard it will add your tunnel network to the nat..
Did you switch to automatic, or did you create some nat - mind posting your outbound nat screen..
