[SOLVED] OpenVPN Clients can connect to LAN, but not shared files

gsrtex · Jun 4, 2017, 6:40 AM

I have been pulling my hair out trying to get this issue resolved and tried everything I have been able to find online (including in these forums) to no avail. Any suggestions would be appreciated.

Quick Summary:

We have a Windows Server 2012 R2 Domain with all clients running W10 Pro.
Used to use a Neatgear router VPN but have since outgrown that - moved to pfSense a few days ago
Staff need to access network resources remotely while on the VPN, including intranet sites and local devices (IIS, file server management interface, etc).
We have a Synology NAS file server, along with three other servers for printing and various applications.

The problem:

Certs are setup, and OpenVPN was configured with the Wizard - very simple setup.
Clients can login and connect with no issues
Internal devices can be accessed but only through a browser - I can connect to a printer's management site by going to its IP and it comes up instantly.
File Sharing appears to be blocked - I cannot directly connect to any shared drives or folders, even having tried three different systems on the network.
The Gateway always appears blank when I run ipconfig, no matter what I do

What I've tried so far, with no success:

I completely disabled the Windows Firewall on a VPN Client and on one system in the network to see if that was the cause - it made no difference .
I added the 10.0.0.0 - 10.0.0.9 scope to File and Printer Sharing (SMB) inbound rules on a network workstation
Added push "route 192.168.1.0 255.255.255.0" to the config file
Specified IP, Subnet Mask & Gateway in the TAP Ethernet adapter's settings (Gateway still appears blank)

Current settings:

OpenVPN is running (tun device) on tunnel network 10.0.0.0/24
OpenVPN set to port 1194
Current max of 5 clients set
IPv4 Local network is set to 192.168.1.0/24 (the LAN)
pfSense box is the network gateway, sitting at 192.168.1.1
pfSense firewall set to * source, * destination, listening on port 1194
Default WAN gateway is set to 'dynamic' - unchanged from how it setup automatically. OpenVPN server is set to reference this default setting.

At this point, it feels like it's 95% of the way there - users can authenticate, connect, and access devices through web ports. They just can't access file shares which is a big deal as it makes the VPN useless for almost everything they need to do.

Thanks in advance.

gsrtex · Jun 4, 2017, 6:39 AM

For anyone who has this problem in the future, I did a facepalm when I realized it was DNS.

We have a local DNS server which the default adapters are set to through DHCP. However, it had to be configured on the OpenVPN server as well. I had done it the first time, but deleted my entire OpenVPN setup as it wasn't working at all - redid it from scratch and forgot to tick the box for specifying a DNS server.

I went back and did that, reconnected, and it all works. My eureka moment was trying the file server by its direct IP instead of UNC - it worked flawlessly.

I feel like an idiot for not realizing this sooner but hopefully someone who has the same brain fart as me can benefit from my post. I hate DNS….