Netgate Discussion Forum

    VPN connects but can't connect to other network devices

      hliende

      This post is deleted!
        KOM @hliende

        @hliende I'm not clear on what you want for an end result. Do you want your OpenVPN clients to have access to one or more of your networks? You control access via the OpenVPN tab on the firewall rules page. By default it should allow everything to anywhere.

          hliende @KOM

          @kom I would like to connect from the VPN client to specific servers/ports on 1 subnet via Firewall rules.

          And at least according to the pfSense firewall page, when you don't add a rule, everything is blocked:

          "All incoming connections on this interface will be blocked until pass rules are added. Click the button to add a new rule."

            KOM @hliende

            @hliende That is correct, however the OpenVPN wizard will automagically add an allow rule. So in your case now, you want to delete that default rule. Then you want a pass rule that allows only access to the network you choose and the specific ports you want. Create a port alias and then use that in the rule for easier readability.

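Added example (not part of the thread and not pfSense code): a small Python model of first-match, default-deny rule evaluation on the OpenVPN tab, showing why the wizard's allow-all rule has to be deleted rather than just joined by a narrower pass rule. The host 192.168.1.10, the port alias contents and the sample flows are assumptions made up for illustration.

```python
"""Model of first-match rule evaluation on the OpenVPN tab (illustrative)."""
from ipaddress import ip_address, ip_network

# Everything below is constructed for illustration. Only the subnets
# 192.168.0.x (Interface 1) and 192.168.1.x (Interface 2) come from the thread.
# Source is not modelled: every flow is assumed to come from an OpenVPN client.
GAME_PORTS = {"tcp": {6112}, "udp": {6112, 6113}}  # hypothetical port alias


def rule(action, dst, ports=None, label=""):
    """Build one rule; ports=None means any protocol and port."""
    return {"action": action, "dst": ip_network(dst), "ports": ports, "label": label}


WIZARD_RULE = rule("pass", "0.0.0.0/0", label="OpenVPN wizard")  # allow all
SCOPED_RULE = rule("pass", "192.168.1.10/32", GAME_PORTS, "game server only")


def evaluate(rules, dst_ip, proto, dport):
    """Return (action, label) of the first matching rule; default deny."""
    for r in rules:
        if ip_address(dst_ip) not in r["dst"]:
            continue
        if r["ports"] is not None and dport not in r["ports"].get(proto, set()):
            continue
        return r["action"], r["label"]
    return "block", "default deny"


def exposure(rules, flows):
    """List the flows a ruleset lets through."""
    return [f for f in flows if evaluate(rules, *f)[0] == "pass"]


FLOWS = [
    ("192.168.1.10", "udp", 6112),  # intended: game server, aliased port
    ("192.168.1.10", "tcp", 22),    # same host, port not in the alias
    ("192.168.0.5", "tcp", 445),    # other subnet (Interface 1)
]

if __name__ == "__main__":
    for name, rules in [
        ("wizard rule only", [WIZARD_RULE]),
        ("scoped rule above wizard rule", [SCOPED_RULE, WIZARD_RULE]),
        ("scoped rule only", [SCOPED_RULE]),
    ]:
        print(name, "->", exposure(rules, FLOWS))
```

With only pass rules on the tab, ordering does not help: a flow that misses the scoped rule falls through to the allow-all rule, so the exposure shrinks only once that rule is removed.
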
              hliende @KOM

              @kom Thanks, but I have the firewall rules in place already on the OpenVPN interface. I can see in the firewall logs that the network traffic is being passed, not blocked.

                viragomann @hliende

                @hliende said in VPN connects but can't connect to other network devices:

                I also changed the gateway setting in each firewall rule from Default to the OpenVPN gateway,

                That's wrong. You have to set it back to any.

                For access from VPN clients to internal networks, you only need rules on the OpenVPN tab.

                To be clear, is pfSense the default gateway in all remote subnets?

                Is the server you try to reach accessible from other networks?

                  hliende @viragomann

                  @viragomann Thanks, I changed the gateway back to default. I made some headway. I'm able to connect to a Samba server, but I'm still having trouble playing an old network-based game where the game is the server.

                  I ran tcpdump on both the OpenVPN and the physical interface. I see connections to the server and back, but the game doesn't allow online games. When I disconnect the VPN and connect on a different interface it works. I copied the firewall rules from this interface to the OpenVPN interface. I created firewall rules to allow all traffic between the OpenVPN interface and the physical interface, but still no luck. I don't see any dropped packets.

                  Is there anything else about the VPN settings that would cause an issue?

                    viragomann @hliende

                    @hliende said in VPN connects but can't connect to other network devices:

                    but I'm still having trouble playing an old network-based game where the game is the server.

                    Where does the game server reside? Where the client?

                      hliende @viragomann

                      @viragomann Game server is on Interface 2, Client is on the OpenVPN interface. Here's a quick layout of my network:

                      Interface 0 - WAN
                      Interface 1 - 192.168.0.x
                      Interface 2 - 192.168.1.x
                      OpenVPN - 192.168.2.x

                      Interface 1 and 2 can reach the internet through WAN/Interface 0, but generally can't talk to each other (with some exceptions made in the firewall).

                      Locally, a computer on Interface 1 can play games with computers on Interface 2. I just looked for the ports that were requested and opened those up on the firewall. Additionally, computers on Interface 2 can talk to a file share on Interface 1.

                      Using the VPN, I copied the rules used for the file share and gaming (on both the physical and OpenVPN interface respectively) to do the same thing for OpenVPN clients. I'm able to connect in, and from the OpenVPN client I can connect to the file share on Interface 1. I'm able to ping the game server on Interface 2, but when I try to run the games the server isn't visible in the game.
