Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] OpenVPN Clients can connect to LAN, but not shared files

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 1 Posters 4.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gsrtex
      last edited by

      I have been pulling my hair out trying to get this issue resolved and tried everything I have been able to find online (including in these forums) to no avail. Any suggestions would be appreciated.

      Quick Summary:

      • We have a Windows Server 2012 R2 Domain with all clients running W10 Pro.
      • Used to use a Neatgear router VPN but have since outgrown that - moved to pfSense a few days ago
      • Staff need to access network resources remotely while on the VPN, including intranet sites and local devices (IIS, file server management interface, etc).
      • We have a Synology NAS file server, along with three other servers for printing and various applications.

      The problem:

      • Certs are setup, and OpenVPN was configured with the Wizard - very simple setup.
      • Clients can login and connect with no issues
      • Internal devices can be accessed but only through a browser - I can connect to a printer's management site by going to its IP and it comes up instantly.
      • File Sharing appears to be blocked - I cannot directly connect to any shared drives or folders, even having tried three different systems on the network.
      • The Gateway always appears blank when I run ipconfig, no matter what I do

      What I've tried so far, with no success:

      • I completely disabled the Windows Firewall on a VPN Client and on one system in the network to see if that was the cause - it made no difference .
      • I added the 10.0.0.0 - 10.0.0.9 scope to File and Printer Sharing (SMB) inbound rules on a network workstation
      • Added push "route 192.168.1.0 255.255.255.0" to the config file
      • Specified IP, Subnet Mask & Gateway in the TAP Ethernet adapter's settings (Gateway still appears blank)

      Current settings:

      • OpenVPN is running (tun device) on tunnel network 10.0.0.0/24
      • OpenVPN set to port 1194
      • Current max of 5 clients set
      • IPv4 Local network is set to 192.168.1.0/24 (the LAN)
      • pfSense box is the network gateway, sitting at 192.168.1.1
      • pfSense firewall set to * source, * destination, listening on port 1194
      • Default WAN gateway is set to 'dynamic' - unchanged from how it setup automatically. OpenVPN server is set to reference this default setting.

      At this point, it feels like it's 95% of the way there - users can authenticate, connect, and access devices through web ports. They just can't access file shares which is a big deal as it makes the VPN useless for almost everything they need to do.

      Thanks in advance.

      1 Reply Last reply Reply Quote 0
      • G
        gsrtex
        last edited by

        For anyone who has this problem in the future, I did a facepalm when I realized it was DNS.

        We have a local DNS server which the default adapters are set to through DHCP. However, it had to be configured on the OpenVPN server as well. I had done it the first time, but deleted my entire OpenVPN setup as it wasn't working at all - redid it from scratch and forgot to tick the box for specifying a DNS server.

        I went back and did that, reconnected, and it all works. My eureka moment was trying the file server by its direct IP instead of UNC - it worked flawlessly.

        I feel like an idiot for not realizing this sooner but hopefully someone who has the same brain fart as me can benefit from my post. I hate DNS….

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.