Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Default gateway

    OpenVPN
    2
    3
    383
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rsloan
      last edited by

      Hi,

      Hopefully I'm missing something obvious but can't see what.

      I've setup an OpenVPN server using tap mode as my VPN clients need to have a real LAN address as some of the services they access are only accessible when connected to the local network as they use a company proxy.

      I have the LAN / OVPN interfaces bridged and have 'bridge DHCP' enabled under 'Tunnel Setting'. If I leave 'Server Bridge DHCP start' and 'Server Bridge DHCP End' blank, I do get an IP address, subnet mask, dns and default gateway from the DHCP server to the VPN client but I'm unable to access or even ping any devices on the LAN.

      If I set a 'Server Bridge DHCP start' (192.168.6.220) and 'Server Bridge DHCP End' (192.168.6.250) address, I then have no gateway specified on the VPN client but can access the internal network by IP address only, but despite requiring all traffic to go via the VPN, I have no internet access.

      My network setup is as follows:

      My lan is on four subnets:

      192.168.6.0/24 (DHCP enabled)
      192.168.7.0/24 (Addresses statically assigned)
      192.168.8.0/24 (Addresses statically assigned)
      192.168.9.0/24 (Addresses statically assigned)

      The gateway address is 192.168.7.5.

      VPN clients need to have an address within the 192.168.6.0/24 range and be able to access all subnets as users directly connected to the LAN do.

      As a side note, machines on the LAN also need to be accessible via NETBIOS name as well as IM address (Mainly terminal servers)

      Regards,

      Robert.

      1 Reply Last reply Reply Quote 0
      • G
        GoldFish
        last edited by

        At the first glance, it looks an issue with the rules. Did you use OpenVPN Wizard to setup the VPN? The wizard automatically adds access rules and also provides you an option to choose a list of subnets you want to provide access to the VPN clients. There you can choose all the subnets on your LAN.

        • pfSense Enthusiast *
        1 Reply Last reply Reply Quote 0
        • R
          rsloan
          last edited by

          Hi,

          I saw the option to choose subnets but not a gateway address. Although I'm able to get a connection to the servers using a tun connection, I need to be able to use tap so homeworkers are able to use there VOIP phones.

          Do you have any other ideas on what I could try?

          Thank you for your response.

          Regards,

          Robert.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post