Access Web Server (port 80, port 443) in LAN over VPN
I've successfully got a VPN server running in my office so I can VPN in from my Macbook using TunnelBlick. The VPN tunnels to the 10.0.4.0 subnet which is a server management LAN that I've recently created.
I'm now trying to manage some boxes remotely using HP ILO. One of my servers has a static IP of 10.0.4.21. If I ping it whilst connected to the VPN, the ping responds without any problems:
PING 10.0.4.21 (10.0.4.21): 56 data bytes 64 bytes from 10.0.4.21: icmp_seq=0 ttl=63 time=40.979 ms 64 bytes from 10.0.4.21: icmp_seq=1 ttl=63 time=41.242 ms 64 bytes from 10.0.4.21: icmp_seq=2 ttl=63 time=36.553 ms 64 bytes from 10.0.4.21: icmp_seq=3 ttl=63 time=32.158 ms 64 bytes from 10.0.4.21: icmp_seq=4 ttl=63 time=31.610 ms 64 bytes from 10.0.4.21: icmp_seq=5 ttl=63 time=34.180 ms ^C --- 10.0.4.21 ping statistics --- 6 packets transmitted, 6 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 31.610/36.120/41.242/3.869 ms
However, when I hit the IP in a web browser, the request times out so I can't access the ILO web dashboard at all. I can access these pages whilst being physically connected to the LAN though.
Under my OpenVPN interface firewall rules, I've configured the following rules:
I'm not sure if these rules are correct, but seen as I have many servers, I want to configure a rule which says "access to port 80 or port 443 on any server is okay, as long as it's in the 10.0.4.0 subnet if you're connected through a VPN tunnel."
What else should I try to get this working? I'm quite new to pfsense so there are still quite a few network routing techniques that I'm not an expert of and would like a push in the right direction if possible.
Thanks in advance for any help!