Netgate Discussion Forum

    No Pings beyond pfS Gateway

      BrucexLing

      This is my first foray into VPN server setup.  I have succeeded in getting an OpenVPN client to access my gateway server with response – Initialization Sequence Completed.
      I can ping the pfSense gateway using its LAN address successfully from the client, but I cannot get ping responses for anything on the LAN beyond the gateway.

      Client – OpenVPN 2.3.17-I001-i686 on Win-XP
      Server – OpenVPN on pfSense 2.3.4 on apu2c4

      Any clues on how to troubleshoot this would be most welcomed.

      I have set a rule to pass ICMP.

        marvosa

        Post a network map.  Post your server1.conf.

          BrucexLing

          Thanks for your attention marvosa.  I’ve attached a sketch map and contents of server1.conf as requested:

          dev ovpns1
          dev-type tun
          tun-ipv6
          dev-node /dev/tun1
          writepid /var/run/openvpn_server1.pid
          #user nobody
          #group nobody
          script-security 3
          daemon
          keepalive 10 60
          ping-timer-rem
          persist-tun
          persist-key
          proto udp
          cipher AES-256-CBC
          auth SHA1
          up /usr/local/sbin/ovpn-linkup
          down /usr/local/sbin/ovpn-linkdown
          client-connect /usr/local/sbin/openvpn.attributes.sh
          client-disconnect /usr/local/sbin/openvpn.attributes.sh
          local 180.181.41.xx
          tls-server
          server 192.168.20.0 255.255.255.0
          client-config-dir /var/etc/openvpn-csc/server1
          username-as-common-name
          auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user TG9jYWwgRGF0YWJhc2U= false server1 1194" via-env
          tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'xxxxxx.net' 1"
          lport 1194
          management /var/etc/openvpn/server1.sock unix
          push "route 192.168.10.0 255.255.255.0"
          push "dhcp-option DOMAIN localdomain"
          push "dhcp-option DNS 180.181.127.4"
          push "dhcp-option DNS 180.181.127.3"
          ca /var/etc/openvpn/server1.ca
          cert /var/etc/openvpn/server1.cert
          key /var/etc/openvpn/server1.key
          dh /etc/dh-parameters.2048
          tls-auth /var/etc/openvpn/server1.tls-auth 0
          persist-remote-ip
          float
          topology subnet


            viragomann

            Ensure that

            • pfSense is the default gateway on the hosts behind.
            • you have a firewall rule set on the OpenVPN interface which allows the access.
            • the destination hosts' system firewalls do not block the access.
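The first check in the last reply concerns the return path: a LAN host answers a tunnel client (192.168.20.0/24 in the posted server1.conf) through whatever gateway its own routing table selects. The sketch below is an added example, not part of the thread or of pfSense; it parses the `server` and `push "route ..."` lines and tests the host's next hop by longest-prefix match. The pfSense LAN address 192.168.10.1, the second router 192.168.10.254 and the host 192.168.10.50 are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: the routing-relevant lines of the server1.conf posted above.
SAMPLE_CONF = """\
#user nobody
server 192.168.20.0 255.255.255.0
push "route 192.168.10.0 255.255.255.0"
push "dhcp-option DNS 180.181.127.4"
topology subnet
"""

def parse_networks(conf):
    """Return (tunnel network, pushed route networks) from OpenVPN server config text."""
    tunnel, pushed = None, []
    for line in conf.splitlines():
        tok = shlex.split(line, comments=True)  # handles quoted push args and '#' lines
        if len(tok) >= 3 and tok[0] == "server":
            tunnel = ipaddress.ip_network(f"{tok[1]}/{tok[2]}")
        elif len(tok) == 2 and tok[0] == "push":
            arg = tok[1].split()
            if len(arg) >= 3 and arg[0] == "route":
                pushed.append(ipaddress.ip_network(f"{arg[1]}/{arg[2]}"))
    return tunnel, pushed

def next_hop(routes, dest):
    """Longest-prefix match over (network, gateway) pairs; None when nothing matches."""
    hits = [(ipaddress.ip_network(n), gw) for n, gw in routes
            if dest in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def check_path(conf, lan_host, host_routes, pfsense_lan_ip):
    """List routing reasons a VPN client's ping to lan_host would go unanswered."""
    tunnel, pushed = parse_networks(conf)
    problems = []
    if not any(ipaddress.ip_address(lan_host) in net for net in pushed):
        problems.append(f"no pushed route covers {lan_host}")
    client = tunnel[2]  # any address inside the tunnel network will do
    hop = next_hop(host_routes, client)
    if hop is None or ipaddress.ip_address(hop) != ipaddress.ip_address(pfsense_lan_ip):
        problems.append(f"{lan_host} sends replies for {tunnel} to {hop}, not pfSense")
    return problems

if __name__ == "__main__":
    # Hypothetical addresses: pfSense LAN 192.168.10.1, another router at 192.168.10.254.
    for routes in ([("0.0.0.0/0", "192.168.10.254")],
                   [("0.0.0.0/0", "192.168.10.254"), ("192.168.20.0/24", "192.168.10.1")]):
        print(routes, "->", check_path(SAMPLE_CONF, "192.168.10.50", routes, "192.168.10.1"))
```

A host whose default gateway is another router passes the check once it has a static route for the tunnel network via pfSense, which is the second case in the demo loop.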