OpenVPN - Unable to access LAN Subnet except Gateway
-
Hello, I have been using OpenVPN for a couple of weeks now and have been unable to figure out my LAN subnet access.
OpenVPN is on 10.25.2.0
LAN is on 10.25.1.0
LAN can ping OpenVPN Subnet computers.
OpenVPN Computers can ping LAN Gateway address and anything on OpenVPN Subnet.
OpenVPN Computers can also access internet via PFsense gateway.
OpenVPN can't access anything besides gateway on LAN.
This is the routing table on PFsense:

    Destination        Gateway            Flags    Netif    Expire
    default            66.205.149.129     UGS      em0
    10.25.1.0/24       link#2             U        em1
    10.25.1.2          link#2             UHS      lo0
    10.25.2.0/29       10.25.2.2          UGS      ovpns1
    10.25.2.1          link#7             UHS      lo0
    10.25.2.2          link#7             UH       ovpns1
    55.55.55.555/26    link#1             U        em0
    55.55.55.135       link#1             UHS      lo0
    127.0.0.1          link#6             UH       lo0

I hope I am providing enough information, thanks for any help you can provide.
-
Post the contents of your OpenVPN server config (located in "/var/etc/openvpn")
What netmask is being used for each subnet?
I'll be able to confirm it when you post your config, but just looking at your routing table, I can see that there's no route to your tunnel network. So, what's happening is when users try to communicate with your LAN, the return traffic is being dropped because your router (PFsense) doesn't know where to send traffic destined for your tunnel network.
My guess… you forgot to enter your LAN subnet in the "IPv4 Local network(s)" section on your config.
-
Thanks! No further help required.
I was missing a gateway on the LAN device I was trying to access.
Thanks for your help!
-
Yep, that'll do it too :)
Plus, I was mistaken, there is a route to your tunnel network (10.25.2.0/29). However, I was surprised to see it at only a /29… you're only going to get 5 users out of that, but... maybe that's all you need.
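
The return-path problem discussed in this thread, as an added example that is not part of any poster's message: a longest-prefix lookup over the posted pfSense table and over a LAN host's table with and without a default gateway. The client address 10.25.2.6, the LAN host 10.25.1.50, the host-side tables, and reading 10.25.1.2 as the pfSense LAN address are assumptions made for illustration.

```python
import ipaddress

# pfSense routing table as posted in the thread (Expire column is empty).
PFSENSE_ROUTES = """\
default 66.205.149.129 UGS em0
10.25.1.0/24 link#2 U em1
10.25.1.2 link#2 UHS lo0
10.25.2.0/29 10.25.2.2 UGS ovpns1
10.25.2.1 link#7 UHS lo0
10.25.2.2 link#7 UH ovpns1
55.55.55.555/26 link#1 U em0
55.55.55.135 link#1 UHS lo0
127.0.0.1 link#6 UH lo0
"""
# Constructed: a LAN host configured with address and mask but no gateway.
HOST_NO_GW = "10.25.1.0/24 link#1 U eth0\n127.0.0.1 link#0 UH lo0\n"
# Constructed: the same host once a default gateway (assumed pfSense LAN IP) is set.
HOST_WITH_GW = "default 10.25.1.2 UGS eth0\n" + HOST_NO_GW

def parse_routes(text):
    """Parse 'Destination Gateway Flags Netif' rows into (network, gateway, netif)."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        dest, gateway, _flags, netif = fields[:4]
        try:
            net = ipaddress.ip_network("0.0.0.0/0" if dest == "default" else dest)
        except ValueError:
            continue  # skip redacted/invalid destinations such as 55.55.55.555/26
        routes.append((net, gateway, netif))
    return routes

def lookup(routes, addr):
    """Longest-prefix match; returns the winning route or None if unroutable."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes if ip in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def return_path(server_text, host_text, client, lan_host):
    """Route the router uses toward the LAN host, and the host's route back."""
    return (lookup(parse_routes(server_text), lan_host),
            lookup(parse_routes(host_text), client))

if __name__ == "__main__":
    for name, host in (("no gateway", HOST_NO_GW), ("with gateway", HOST_WITH_GW)):
        fwd, reply = return_path(PFSENSE_ROUTES, host, "10.25.2.6", "10.25.1.50")
        print(name, "| forward via", fwd[2], "| reply:", reply[1] if reply else "no route")
```

A reply of "no route" on the LAN host while the forward lookup succeeds matches the symptom in the first post: the router itself answers VPN clients, but hosts behind it cannot send traffic back.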