openvpn shall use local network
-
I thought I have provided all information about IP addresses.. anyway here we go:
iphone 6 with openvpn app
pfsense with latest version and latest openvpn installed
App settings;
Seamless Tunnel on
VPN protocol TCP
DNS fallback off
layer 2 off
plex server ip 192.168.0.121/24
pc ip 192.168.0.118/24
phone ip via vpn 192.168.8.1/24
is something else required?
-
@pooperman said in openvpn shall use local network:
too hard to explain.
Don't worry about it - don't care.. Have fun with such nonsense.. You have devices on your local network you want to interact with at L2, ie same broadcast domain.. Then connect to this network..
If you want to vpn into your network via this vpn connection and be on the same L2, then you would have to use tap vs tun... But you can not also be connected to the wifi.. But if you stay on the LTE then you could do it.
But that is just freaking moronic.. And sure not going to be "fast" why would you want to add that sort of latency and instability to your control - delay, etc. Click on control to pause song and doesn't work or takes 2-10 seconds to kick in.. When you're right there local..
There is zero way to explain such nonsense..
edit: Well iphone, so you can not do tap anyway.. Have fun, since you know connecting to your local wifi would be so hard ;) You know your phones like auto do it when they get near... Simple button on your home screen to connect and disconnect your vpn.. You could automate that as well.
-
let us not discuss sense or nonsense, in my case there is a purpose and I am just in hope that we can find a solution without offtopic discussions.
Layer 2 is not an option, I need to have layer 3
please forget wifi, we are only talking about cellphone internet via vpn.
is there no way like bridging vpn network to 192.168.0.* network?
adding another vpn client in 192.168.0.* network?
come on guys you are the experts, can't be that there is no way for doing that.
-
I am able to see everything in my network from the vpn phone, but not the other way round?
If you can see all your LAN clients with VPN on then it's not directing all traffic out the VPN. Is your wifi on the same LAN or is it on a different subnet? If same LAN then pfSense is not involved at all.
-
@KOM said in openvpn shall use local network:
I am able to see everything in my network from the vpn phone, but not the other way round?
If you can see all your LAN clients with VPN on then it's not directing all traffic out the VPN. Is your wifi on the same LAN or is it on a different subnet? If same LAN then pfSense is not involved at all.
it is not about out rather than in.
phone connects via cell internet via vpn to www.mydoinain.org
this redirects it to openvpn servers ip address, goes in via open port in pfsense, goes to pfsense dns server, goes to plex server.
so I am able to see all clients and use the tunnel for ALL communication. inside 192.168.0.* network and www
but from 192.168.0.* network I cannot see openvpn client.
therefore I assume it is something like a virtual network or a rule which blocks it or just missing routing.
-
@KOM said in openvpn shall use local network:
I am able to see everything in my network from the vpn phone, but not the other way round?
If you can see all your LAN clients with VPN on then it's not directing all traffic out the VPN. Is your wifi on the same LAN or is it on a different subnet? If same LAN then pfSense is not involved at all.
please forget WIFI, there is no wifi, I am only connected via cellphone internet
-
OK, all of that info would have been good to know from your very first post.
So your VPN is in to yourself. What rules do you have on your OpenVPN interface in pfSense? Just the default one that gets created by the OpenVPN Remote Access wizard? Any other packages running like Snort or Suricata? Anything showing as blocked in your firewall log while testing? Are you running a web proxy like squid?
-
god damn.... found the problem.
there was a rule misplaced
it is now working fine!
-
You're welcome.
-
You're using DLNA, which is how plex finds player from your vpn connection from your phone via your LTE connection... Sorry but no I don't think so..
So you are either doing something else other than what I linked to, or you're mistaken.. Did you setup pimd or the igmp proxy in pfsense for your vpn connection? Is your iphone rooted and you can use tap mode, etc.
-
@johnpoz
problem is solved.
I excluded some ip addresses in the rules table. so in case someone hacks in, the impact would be low.
of course the ip address of the pc was in that rule set xD
my bad, but KOM brought me to that point to recheck the rules.
by the way, thanks for that buddy
iphone is not rooted or else, everything is just pure gui configuration without any special modification
-
OK, he's fixed up. Let's call it a day.
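
The cause reported in this thread was a block rule that caught the PC's address before any pass rule could apply. pfSense evaluates the rules on an interface tab top-down and the first match wins, so the sketch below, an added example that is not from the thread or from pfSense itself, walks an ordered rule list and reports when a block rule shadows a later pass rule. The IP addresses are the ones posted above; the rule layout, the rule descriptions and the extra host 192.168.0.50 are assumptions made for illustration.

```python
import ipaddress

# Constructed rule set for one interface tab, listed top to bottom.
# Not the poster's real rules: layout and 192.168.0.50 are assumptions.
RULES = [
    ("block", ["192.168.0.118/32", "192.168.0.50/32"], "192.168.8.0/24",
     "restricted hosts -> VPN clients"),
    ("pass", ["192.168.0.0/24"], "0.0.0.0/0", "default allow LAN to any"),
]

def _in(addr, nets):
    """True if addr falls inside any of the given networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(n) for n in nets)

def first_match(rules, src, dst):
    """Return (index, action, description) of the rule that decides the flow.
    Rules are checked top-down and the first match wins; if nothing
    matches, the implicit default deny applies."""
    for i, (action, srcs, dst_net, descr) in enumerate(rules):
        if _in(src, srcs) and _in(dst, [dst_net]):
            return i, action, descr
    return None, "block", "implicit default deny"

def shadowing(rules, src, dst):
    """If an explicit block rule decides the flow although a later pass
    rule would have matched it, return (block_index, pass_index)."""
    idx, action, _ = first_match(rules, src, dst)
    if idx is None or action != "block":
        return None
    for j in range(idx + 1, len(rules)):
        act, srcs, dst_net, _ = rules[j]
        if act == "pass" and _in(src, srcs) and _in(dst, [dst_net]):
            return idx, j
    return None

if __name__ == "__main__":
    phone = "192.168.8.1"  # VPN client address from the thread
    for host in ("192.168.0.118", "192.168.0.121"):  # PC and plex server
        print(host, "->", phone, first_match(RULES, host, phone),
              "shadowed:", shadowing(RULES, host, phone))
```

Run against the constructed rules, the PC's flow to the VPN client is decided by rule 0 and flagged as shadowing rule 1, while the plex server's flow reaches the pass rule.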