Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [RESOLVED]Directed to local router instead of my pfSense

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 866 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by

      I've noticed on certain home networks (such as my friends house) I'll be able to successfully connect to my home network using OpenVPN on any device. Only instead of my pfSense box showing up when trying to access the GUI; the local router is displayed and not my pfSense box that i'm connecting to via OpenVPN. Im not sure what the problem is but believe it isn't a DNS issue. I have this issue with my IPSec VPN as well and only happens on select networks. I followed a basic guide and tried pushing my pfSense box for DNS request when clients connect using OpenVPN but no dice. Even my IPSec VPN is a guide from the pfSense Docs

      Anyone know what the problem could be?

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        Huh??  So your on this remote network, you then create a vpn tunnel to your pfsense box..  And you then want to access your pfsense webgui via the IP/FQDN and you get your friends routers gui?

        Well what is the network at your house, and what is the network when your remote.

        So say your home network is 192.168.1.0/24 and your pfsense IP you use to access your webgui is 192.168.1.1..  Your at your buddies house, whos network also happens to be 192.168.1.0/24 and his router is also on 192.168.1.1.

        You then access 192.168.1.1, its not going to go down your vpn tunnel to get to network, since it thinks 192.168.1.0/24 is local..

        What is your tunnel network you use btw?  I use 10.0.8/24 and 10.0.200/24 one is tcp the other is if connected udp to vpn.  The fix here is to use a noncommon IP range for your home network, so the likely hood coming from a network that is the same IP space as your home network is very slim.

        192.168.0/24 and 192.168.1/24 are very very common - pretty much every single soho router out there default to one of these as their network.  With .1 being the routers IP quite often, .254 is the other common default.

        What I would suggest is you change your home lan to be something else common, I run 192.168.9.0/24 for example.  My other segments are then 192.168.2-8, etc.  So its unlikely there to be a conflict when on a hotspot somewhere or whatever other network I might be on (hotel for example) that need to vpn back to my network.  There is a VAST choice of private IP space 192.168/16, 10/8, 172.16/12 pick something off the beaten path and your issue should go away.

        172.29.42.0/24 prob not going to run into such a network anywhere else you might be ;)  Your only concern then is when the place uses an inappropriately large network, like the FULL range of the space..  You wouldn't believe how many idiots use 10/8 as their network for example..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • ?
          A Former User
          last edited by

          Thank you for your reply, and for providing me with a recommendation. Sorry if my post was a little confusing at first. Originally I thought of this but wasn't completely sure as I have felt that even on a network of the same private ip of my local home network; tunneling thru the vpn still worked for me. I wanted to see if there was something else to try as changing my local home network would require me to edit all my static IP I've created  :'(

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.