No Pings beyond pfS Gateway



  • This is my first foray into VPN server setup.  I have succeeded in getting an OpenVPN client to access my gateway server with response – Initialization Sequence Completed.
    I can ping the pfSense gateway using its LAN address successfully from the client, but I cannot get ping responses for anything on the LAN beyond the gateway.

    Client – OpenVPN 2.3.17-I001-i686 on Win-XP
    Server – OpenVPN on pfSense 2.3.4 on apu2c4

    Any clues on how to troubleshoot this would be most welcomed.

    I have set a rule to pass ICMP.



  • Post a network map.  Post your server1.conf.



  • Thanks for your attention marvosa.  I’ve attached a sketch map and contents of server1.conf as requested:

    dev ovpns1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local 180.181.41.xx
    tls-server
    server 192.168.20.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc/server1
    username-as-common-name
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user TG9jYWwgRGF0YWJhc2U= false server1 1194" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'xxxxxx.net' 1"
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    push "route 192.168.10.0 255.255.255.0"
    push "dhcp-option DOMAIN localdomain"
    push "dhcp-option DNS 180.181.127.4"
    push "dhcp-option DNS 180.181.127.3"
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.2048
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    persist-remote-ip
    float
    topology subnet




  • Ensure that

    • pfSense is the default gateway on the hosts behind.
    • you have a firewall rule set on the OpenVPN interface which allow the access.
    • the destination hosts system firewalls do not block the access.