Netgate Discussion Forum

    Unable to route to private network from openVPN connection?

      KOM @diana_shik

      @diana_shik Do you have the client end set to not pull routes?

        diana_shik @KOM

        @kom Not to my knowledge.
        I have created the client export via "Client Export Utility".
        I did not create any other client.

          diana_shik @KOM

          @kom Ok.
          After switching IPv4 Local network(s) in tunnel settings to 10.10.10.1/16, my route table looks like this:

          IPv4 Route Table
          ===========================================================================
          Active Routes:
          Network Destination        Netmask          Gateway       Interface  Metric
                    0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.105     50
                  10.10.0.0      255.255.0.0       10.10.70.1       10.10.70.2    281
                 10.10.70.0    255.255.255.0         On-link        10.10.70.2    281
                 10.10.70.2  255.255.255.255         On-link        10.10.70.2    281
               10.10.70.255  255.255.255.255         On-link        10.10.70.2    281
                  127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
                  127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
            127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
                192.168.1.0    255.255.255.0         On-link     192.168.1.105    306
              192.168.1.105  255.255.255.255         On-link     192.168.1.105    306
              192.168.1.255  255.255.255.255         On-link     192.168.1.105    306
                  224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
                  224.0.0.0        240.0.0.0         On-link     192.168.1.105    306
                  224.0.0.0        240.0.0.0         On-link        10.10.70.2    281
            255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
            255.255.255.255  255.255.255.255         On-link     192.168.1.105    306
            255.255.255.255  255.255.255.255         On-link        10.10.70.2    281
          ===========================================================================
          Persistent Routes:
            None
          

          I have now:

                  10.10.0.0      255.255.0.0       10.10.70.1       10.10.70.2    281
          

          If I run tracert 10.10.10.2 I get:

          Tracing route to 10.10.10.2 over a maximum of 30 hops

          1 23 ms 23 ms 30 ms 10.10.70.1
          2 * * * Request timed out.
          3 * * * Request timed out.

          So now I am routed to the tunnel but still can't access the LAN.

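An added example, not part of any post in this thread: the route lookup the client performs for 10.10.10.2, reproduced with longest-prefix matching over rows copied from the table above. It also shows why an IPv4 Local network(s) entry of 10.10.10.1/16 appears on the client as 10.10.0.0 with mask 255.255.0.0. The function names are hypothetical.

```python
import ipaddress

# Rows copied from the route table in the post above:
# (destination, netmask, gateway, interface, metric)
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "192.168.1.105", 50),
    ("10.10.0.0", "255.255.0.0", "10.10.70.1", "10.10.70.2", 281),
    ("10.10.70.0", "255.255.255.0", "On-link", "10.10.70.2", 281),
    ("192.168.1.0", "255.255.255.0", "On-link", "192.168.1.105", 306),
]


def pushed_route(local_network):
    """Network denoted by a 'Local network(s)' entry; host bits are ignored."""
    return ipaddress.ip_network(local_network, strict=False)


def select_route(dest, routes=ROUTES):
    """Return (gateway, interface) for dest: longest prefix wins,
    lowest metric breaks ties. None when no route matches."""
    addr = ipaddress.ip_address(dest)
    candidates = []
    for net, mask, gateway, iface, metric in routes:
        network = ipaddress.ip_network(f"{net}/{mask}")
        if addr in network:
            candidates.append((-network.prefixlen, metric, gateway, iface))
    if not candidates:
        return None
    _, _, gateway, iface = min(candidates)
    return gateway, iface


def uses_tunnel(dest, tunnel_iface="10.10.70.2"):
    """True when traffic to dest leaves through the VPN interface
    rather than the home router's default route."""
    route = select_route(dest)
    return route is not None and route[1] == tunnel_iface


if __name__ == "__main__":
    print(pushed_route("10.10.10.1/16"))   # network installed on the client
    print(select_route("10.10.10.2"))      # the LAN host from the tracert
    print(uses_tunnel("10.10.10.2"), uses_tunnel("8.8.8.8"))
```

The lookup confirms the client side is correct after the change: 10.10.10.2 is sent to 10.10.70.1 over the tunnel, which matches the first tracert hop, so the remaining fault lies beyond the client's routing table.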
            KOM @diana_shik

            @diana_shik Does your OpenVPN tab have any rules? It should have an Allow All rule created by the wizard but best to double-check.

              diana_shik @KOM

              @kom Yes, it has an allow all.
              Also there is an inbound pass to the OpenVPN port on the WAN.

                KOM @diana_shik

                @diana_shik Anything of note in the OpenVPN log in System Logs?

                  viragomann @diana_shik

                  @diana_shik
                  First thing to ask, is pfSense the default gateway in the remote network?

                    diana_shik

                    @viragomann Yes it is.
                    Also I am able to ping and trace this IP from the pfSense LAN interface.

                      viragomann @diana_shik

                      @diana_shik said in Unable to route to private network from openVPN connection?:

                      Also I am able to ping and trace this IP from the pfSense LAN interface

                      Okay, so check the following, please:
                      On pfSense go to Diagnostics > Ping.
                      Do a ping to a machine you want to reach from VPN. Should work, I assume.
                      Then change the source to OpenVPN and try again.

                      If you don't get a response, you have to check the destination device. Maybe its firewall is blocking the access.

                        diana_shik @viragomann

                        @viragomann What do you mean by "Do a ping to a machine you want to reach from VPN"?

                        Under Diagnostics > Ping I don't have VPN.
                        Should I?

                        I do have my OpenVPN and I lose all packets.

                          viragomann @diana_shik

                          @diana_shik
                          You should find your OpenVPN server in the drop-down.
                          You can simultaneously sniff the packets on the LAN interface to see what's going on.

                          If you see the request packets on the LAN, but no responses, the destination machine either blocks the access from other networks by its own firewall or it has a different default route.
                          You may disable the firewall on the device for testing.

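An added example, not part of any post in this thread: one way to read a LAN-side capture for the pattern described above, where echo requests are visible but replies never come back. The capture lines are constructed in tcpdump's text format; 10.10.10.1 as the pfSense LAN address, the ICMP ids and the timestamps are assumptions, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: pings to 10.10.10.2 sourced from the tunnel address
# (10.10.70.1) and from an assumed pfSense LAN address (10.10.10.1).
CAPTURE = """\
12:00:01.000100 IP 10.10.70.1 > 10.10.10.2: ICMP echo request, id 4242, seq 0, length 64
12:00:02.000100 IP 10.10.70.1 > 10.10.10.2: ICMP echo request, id 4242, seq 1, length 64
12:00:03.000100 IP 10.10.10.1 > 10.10.10.2: ICMP echo request, id 4243, seq 0, length 64
12:00:03.000900 IP 10.10.10.2 > 10.10.10.1: ICMP echo reply, id 4243, seq 0, length 64
"""

ICMP_LINE = re.compile(
    r"IP (\S+) > (\S+): ICMP echo (request|reply), id (\d+), seq (\d+)"
)


def unanswered_requests(capture):
    """Return (src, dst, id, seq) for every echo request with no matching reply."""
    pending = {}
    for line in capture.splitlines():
        match = ICMP_LINE.search(line)
        if not match:
            continue  # not an ICMP echo line
        src, dst, kind, ident, seq = match.groups()
        if kind == "request":
            pending[(src, dst, ident, seq)] = True
        else:
            # A reply travels dst -> src, so swap the pair to find its request.
            pending.pop((dst, src, ident, seq), None)
    return sorted(pending)


def unanswered_by_source(capture):
    """Count unanswered requests per source address."""
    return dict(Counter(src for src, _, _, _ in unanswered_requests(capture)))


if __name__ == "__main__":
    for src, count in unanswered_by_source(CAPTURE).items():
        print(f"{src}: {count} echo request(s) seen on LAN with no reply")
```

Requests from the tunnel source that reach the LAN unanswered, while LAN-sourced requests get replies, point at the destination host's own firewall or default route, as the post above says.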
                            diana_shik @viragomann

                            @viragomann I see.

                            I can ping and route from LAN successfully.
                            I cannot ping or route from OpenVPN.

                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.