Netgate Discussion Forum

    OpenVPN to LAN subnet partially working

      frank2782

      Hi, I'm trying to set up OpenVPN access to allow multiple remote users to access the LAN subnet and, mainly, work with a remote IPsec VPN.

      My setup:
      LAN-192.168.10.0/24---WAN--->Internet<----OpenVPN Remote Cli-172.16.1.0/24
                  |                                          |
                    --IPSEC VPN srvr 10.0.2.100--

      This is the OpenVPN server configuration:
      Remote Access (SSL/TLS + User Auth)
      TUN
      interface: WAN
      local port: 1194
      IPv4 Tunnel Network: 172.16.1.0/24
      IPv4 Local Network: 192.168.10.0/24

      With this setup I'm able to establish the OpenVPN connection and ping the LAN subnet 192.168.10.0/24 from two clients, but I'm not able to ping the remote IPsec server in any way.
      In the firewall rules I don't see any block; I see PASS from source 172.16.1.2 (the first address assigned to the remote OpenVPN client) to the remote server I'm pinging, 10.0.2.100.

      I also tried
      IPv4 Tunnel Network: 192.168.10.0/24
      IPv4 Local Network: 10.0.2.0/24

      but in this case only the first connected client is able to ping only the pfSense LAN address 192.168.10.250 and the remote IPsec server.

      It's obvious that I'm missing something but I'm really new and don't know exactly how to configure it.

      Maybe I can keep this configuration:
      IPv4 Tunnel Network: 172.16.1.0/24
      IPv4 Local Network: 192.168.10.0/24

      and add a phase 2 to the IPsec client (and server, but I'll have to ask because I'm not managing it) with 172.16.1.0/24 as local subnet.

      Any help would be much appreciated. Thanks

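The addressing plans described in the post above can be checked mechanically. The following is an added example, not part of the original post and not pfSense code: it audits the first setup, the second attempt, and the proposed extra phase 2 for subnet overlap, Local Network coverage, and phase 2 selector coverage. It assumes the existing phase 2 pairs 192.168.10.0/24 with 10.0.2.0/24 (the post does not show it) and uses a constructed client address for the second attempt; the function names are hypothetical.

```python
from ipaddress import ip_address, ip_network

def covering_selector(src, dst, phase2):
    """Return the first (local, remote) phase 2 pair covering src -> dst, else None."""
    s, d = ip_address(src), ip_address(dst)
    for local, remote in phase2:
        if s in ip_network(local) and d in ip_network(remote):
            return (local, remote)
    return None

def audit(tunnel_net, local_nets, lan_net, phase2, client_ip, target_ip):
    """Check one OpenVPN client -> IPsec target flow against the addressing plan."""
    findings = []
    # A tunnel network that reuses the LAN range makes client and LAN hosts ambiguous.
    if ip_network(tunnel_net).overlaps(ip_network(lan_net)):
        findings.append("tunnel network overlaps the LAN subnet")
    # IPv4 Local Network entries are what the server pushes to clients as routes.
    if not any(ip_address(target_ip) in ip_network(n) for n in local_nets):
        findings.append("target is outside every listed IPv4 Local Network")
    # IPsec only carries traffic whose source and destination match a phase 2 pair.
    if covering_selector(client_ip, target_ip, phase2) is None:
        findings.append("no phase 2 selector covers client -> target")
    return findings

LAN = "192.168.10.0/24"
TARGET = "10.0.2.100"
# ASSUMPTION: existing phase 2 is LAN <-> 10.0.2.0/24; the post does not show it.
P2_ASSUMED = [(LAN, "10.0.2.0/24")]
# The extra phase 2 the post proposes: tunnel network as the local subnet.
P2_PROPOSED = P2_ASSUMED + [("172.16.1.0/24", "10.0.2.0/24")]

def scenarios():
    return {
        # First setup from the post.
        "first": audit("172.16.1.0/24", [LAN], LAN, P2_ASSUMED, "172.16.1.2", TARGET),
        # Second attempt; 192.168.10.2 is a constructed client address.
        "second": audit("192.168.10.0/24", ["10.0.2.0/24"], LAN, P2_ASSUMED,
                        "192.168.10.2", TARGET),
        # First setup plus the proposed phase 2.
        "proposed": audit("172.16.1.0/24", [LAN], LAN, P2_PROPOSED,
                          "172.16.1.2", TARGET),
    }

if __name__ == "__main__":
    for name, findings in scenarios().items():
        print(name, findings or "no findings")
```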
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.