What do I need to be able to ping a VPN client from the LAN side of the VPN server?



  • So I have a pfSense server, 2.3.2-RELEASE-p1, at 192.168.11.1.
    It has an OpenVPN server on 10.8.0.0/24.
    Clients can connect to the server and they can ping the LAN side, 192.168.11.0/24,
    but I can't ping the VPN clients from the LAN side. From 192.168.11.127 I can't ping 10.8.0.2.
    From the pfSense diag I can ping 10.8.0.2.

    I feel like I would just need to add a route from LAN to OpenVPN, but I really don't know.
    Thanks for the help.


  • LAYER 8 Netgate

    Make sure policy routing on LAN isn't sending those connection attempts out a WAN instead. Might need to bypass it for that destination.

    https://doc.pfsense.org/index.php/Bypassing_Policy_Routing

    Make sure the target host VPN stack/firewall/etc will actually allow the incoming traffic from that subnet.



  • I feel silly, but it was Windows Firewall.

    OpenVPN is detected as public network // unidentified network.
    I don't have a default gateway set in OpenVPN. I think that is why.

    How do I set one that does not route all traffic, but is set so it can be a private network?
    Thanks for the quick reply.



  • I made a firewall rule to allow 10.8.0.0/24 in Windows Firewall.
    That works, but it would be better if I could get it to show private, and not have all traffic go through the VPN.
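
A narrower version of the Windows Firewall change described in the posts above, as an added example that is not from any poster in this thread: it permits only ICMPv4 echo requests, only on the OpenVPN adapter, and only from the two subnets named in the thread, then marks that one adapter as Private without touching routing. The adapter description pattern and the rule name are assumptions; adjust them for your client.

```powershell
#Requires -RunAsAdministrator
# Added example. Subnets come from the thread; the other values are assumptions.
$AllowedSources = @('192.168.11.0/24', '10.8.0.0/24')    # pfSense LAN and OpenVPN tunnel subnets
$AdapterPattern = 'TAP-Windows Adapter*'                  # assumed OpenVPN adapter description
$RuleName       = 'OpenVPN - allow ICMPv4 echo from LAN'  # hypothetical rule name

# Locate the connected OpenVPN virtual adapter.
$adapter = Get-NetAdapter |
    Where-Object { $_.InterfaceDescription -like $AdapterPattern -and $_.Status -eq 'Up' } |
    Select-Object -First 1
if (-not $adapter) { throw "No connected adapter matches '$AdapterPattern'." }

# Show how Windows currently classifies the tunnel (Public, Private or DomainAuthenticated).
Get-NetConnectionProfile -InterfaceAlias $adapter.Name |
    Format-List InterfaceAlias, Name, NetworkCategory

# Remove any earlier copy of the rule so the script can be re-run safely.
Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# Allow inbound ICMPv4 echo request (type 8) only, bound to the tunnel adapter
# and limited to the listed source subnets. Everything else stays blocked.
New-NetFirewallRule -DisplayName $RuleName `
    -Direction Inbound -Action Allow `
    -Protocol ICMPv4 -IcmpType 8 `
    -InterfaceAlias $adapter.Name `
    -RemoteAddress $AllowedSources `
    -Profile Any | Out-Null

# Optional: classify only this adapter as Private. This changes which firewall
# profile applies to it; it does not add a default gateway or alter routes.
Set-NetConnectionProfile -InterfaceAlias $adapter.Name -NetworkCategory Private

# Confirm the source restriction that was applied.
Get-NetFirewallRule -DisplayName $RuleName |
    Get-NetFirewallAddressFilter |
    Select-Object RemoteAddress
```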

