Cannot ping all LAN clinets from VPN
-
I have an interesting issue where I can ping some clients on the LAN but not all of them through the VPN. The pfSense ping diagnostics utility can ping all the clients. Other LAN clients can also ping all other LAN clients. There are just some LAN devices which cannot be accessed through the VPN.
LAN is 192.168.1.0/24
xenserver is 192.168.1.22
pfSense is 192.168.1.1 and lives, as a VM, on xenserver. xenserver provides a WAN and LAN interface for pfSense to use.
FreeNAS is 192.168.1.10 and lives, as a VM, on xenserver. xenserver provides a LAN interface to FreeNAS
There is an unmanaged switch connected to the xenserver LAN port.
wifiap is 192.168.1.2 and is connected to the switch.
pc is 192.168.1.70 and gets its IP through DHCP. It is a physical machine the switch.OpenVPN is 192.168.42.0/24 and is configured to put clients onto 192.168.1.0/24.
On the VPN I can ping:
- pfSense
- FreeNAS
- pc
- other DHCP devices, other static devices, all on LAN (>10 devices, no problems)
On the VPN I cannot ping:
- xenserver
- wifiap
All the devices I wish to ping appear in the ARP table in pfSense. All these devices can be pinged through pfSense through the LAN interface. I'm unsure of what the commonality is between the two devices on the LAN I cannot access through the VPN. I thought it had to do with their static IP assignments, but i can access other devices which also have static IP's and don't use DHCP to be on the network.
Anybody have any suggestions?
Thanks,
Mike -
Common software firewall's behaviour is to block traffic from outside its own subnet, so it will not reply to pings from your VPN network. The Windows firewall behaves this way. Perhaps these other devices do as well.
