Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVpn Made me crazy! Routing problem?

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      loscoz
      last edited by

      Hello everyone! i had configured openvpn following this guide https://www.ceos3c.com/2017/04/10/configure-openvpn-for-pfsense-2-3-step-by-step/
      Everythings good, the clients can connect without any problem, but i see ONLY pfsense in my remote network, not the other pc, printers ecc.
      Culd be a routing problem? firewall and nat seems ok, i attach here the open vpn routing table.

      Some info:

      Tunnell: 192.168.10.0/24
      Remote network: 192.168.0.0/24
      DNS: 192.168.0.200 (pfsense ip)
      port: 1194

      thanks!
      openvpn.jpg
      openvpn.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann
        last edited by

        That may be caused by a couple of reasons:

        • The OpenVPN server isn't the default gateway for the device you try to access.

        • The device blocks the access itself. Windows firewalls for instance do this by default.

        • The client doesn't set the routes.

        • pfSense blocks the access, cause you're rules aren't set corectly.

        Since you don't offer configuration details, it's hard to say what's the reason for your problem.

        1 Reply Last reply Reply Quote 0
        • L Offline
          loscoz
          last edited by

          It works!! Thanks!! probably stupid win firewall block me :-
          I've a doubt: the vpn now works great, but i can reach the remote device using remote ip, i try to explain:

          My tunnel is for  example 10.0.0.0/24
          Remote net is 192.168.0.0/24

          after connecting to openvpn, i can reach my nas with this local ip, 192.168.0.100, it's correct? or i should to have a tunnel ip like 10.0.0.100?
          Thanks a lot

          1 Reply Last reply Reply Quote 0
          • V Offline
            viragomann
            last edited by

            No, by default the client add routes for the remote network after connecting. So it goes this way, you access the devices with their real local IP.

            1 Reply Last reply Reply Quote 0
            • L Offline
              loscoz
              last edited by

              ok great! one last question, if i have the local net and remote net with same ip class, and a device with same ip in local and remote? for example:

              local net: 192.168.0.0/24
              local printer: 192.168.0.30
              vpn tunnel: 10.0.0.0/24
              remote net: 192.168.0.0/24
              remote nas: 192.168.0.30

              in this case, printer and nas has the same ip!is a problem? where i go? to nas or to printer? thanks very very mutch

              1 Reply Last reply Reply Quote 0
              • K Offline
                kejianshi
                last edited by

                Its late, so if I'm posting in error, forgive me.

                However, when VPNs are involved, its best to makes sure that the networks involved are different.

                Its also best if both are moved to private but not common numbers…

                Like 192.168.32.0/24 for the local network.

                Then

                192.168.33.0/24 for the remote network.

                And move the VPN networks in pfsense to something sane but also unique and uncommon like 10.12.14.0/24

                You really don't want your networks getting confused about where to send your packets.

                You never know what you might want to connect to this in the future, so why not make it idiot proof?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.