Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [SOLVED] OpenVPN Clients can connect to LAN, but not shared files

    OpenVPN
    1
    2
    2623
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gsrtex last edited by

      I have been pulling my hair out trying to get this issue resolved and tried everything I have been able to find online (including in these forums) to no avail. Any suggestions would be appreciated.

      Quick Summary:

      • We have a Windows Server 2012 R2 Domain with all clients running W10 Pro.
      • Used to use a Neatgear router VPN but have since outgrown that - moved to pfSense a few days ago
      • Staff need to access network resources remotely while on the VPN, including intranet sites and local devices (IIS, file server management interface, etc).
      • We have a Synology NAS file server, along with three other servers for printing and various applications.

      The problem:

      • Certs are setup, and OpenVPN was configured with the Wizard - very simple setup.
      • Clients can login and connect with no issues
      • Internal devices can be accessed but only through a browser - I can connect to a printer's management site by going to its IP and it comes up instantly.
      • File Sharing appears to be blocked - I cannot directly connect to any shared drives or folders, even having tried three different systems on the network.
      • The Gateway always appears blank when I run ipconfig, no matter what I do

      What I've tried so far, with no success:

      • I completely disabled the Windows Firewall on a VPN Client and on one system in the network to see if that was the cause - it made no difference .
      • I added the 10.0.0.0 - 10.0.0.9 scope to File and Printer Sharing (SMB) inbound rules on a network workstation
      • Added push "route 192.168.1.0 255.255.255.0" to the config file
      • Specified IP, Subnet Mask & Gateway in the TAP Ethernet adapter's settings (Gateway still appears blank)

      Current settings:

      • OpenVPN is running (tun device) on tunnel network 10.0.0.0/24
      • OpenVPN set to port 1194
      • Current max of 5 clients set
      • IPv4 Local network is set to 192.168.1.0/24 (the LAN)
      • pfSense box is the network gateway, sitting at 192.168.1.1
      • pfSense firewall set to * source, * destination, listening on port 1194
      • Default WAN gateway is set to 'dynamic' - unchanged from how it setup automatically. OpenVPN server is set to reference this default setting.

      At this point, it feels like it's 95% of the way there - users can authenticate, connect, and access devices through web ports. They just can't access file shares which is a big deal as it makes the VPN useless for almost everything they need to do.

      Thanks in advance.

      1 Reply Last reply Reply Quote 0
      • G
        gsrtex last edited by

        For anyone who has this problem in the future, I did a facepalm when I realized it was DNS.

        We have a local DNS server which the default adapters are set to through DHCP. However, it had to be configured on the OpenVPN server as well. I had done it the first time, but deleted my entire OpenVPN setup as it wasn't working at all - redid it from scratch and forgot to tick the box for specifying a DNS server.

        I went back and did that, reconnected, and it all works. My eureka moment was trying the file server by its direct IP instead of UNC - it worked flawlessly.

        I feel like an idiot for not realizing this sooner but hopefully someone who has the same brain fart as me can benefit from my post. I hate DNS….

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy