Netgate Discussion Forum
OpenVPN Default gateway

    rsloan
    last edited by Dec 16, 2017, 10:37 AM

    Hi,

    Hopefully I'm missing something obvious but can't see what.

    I've set up an OpenVPN server using tap mode, as my VPN clients need to have a real LAN address because some of the services they access are only accessible when connected to the local network, as they use a company proxy.

    I have the LAN / OVPN interfaces bridged and have 'bridge DHCP' enabled under 'Tunnel Setting'. If I leave 'Server Bridge DHCP start' and 'Server Bridge DHCP End' blank, I do get an IP address, subnet mask, DNS and default gateway from the DHCP server to the VPN client, but I'm unable to access or even ping any devices on the LAN.

    If I set a 'Server Bridge DHCP start' (192.168.6.220) and 'Server Bridge DHCP End' (192.168.6.250) address, I then have no gateway specified on the VPN client but can access the internal network by IP address only, but despite requiring all traffic to go via the VPN, I have no internet access.

    My network setup is as follows:

    My LAN is on four subnets:

    192.168.6.0/24 (DHCP enabled)
    192.168.7.0/24 (Addresses statically assigned)
    192.168.8.0/24 (Addresses statically assigned)
    192.168.9.0/24 (Addresses statically assigned)

    The gateway address is 192.168.7.5.

    VPN clients need to have an address within the 192.168.6.0/24 range and be able to access all subnets as users directly connected to the LAN do.

    As a side note, machines on the LAN also need to be accessible via NETBIOS name as well as IM address (mainly terminal servers).

    Regards,

    Robert.

      GoldFish
      last edited by Dec 17, 2017, 10:45 PM

      At first glance, it looks like an issue with the rules. Did you use the OpenVPN Wizard to set up the VPN? The wizard automatically adds access rules and also provides you an option to choose a list of subnets you want to provide access to the VPN clients. There you can choose all the subnets on your LAN.

      • pfSense Enthusiast *
        rsloan
        last edited by Dec 18, 2017, 2:19 PM

        Hi,

        I saw the option to choose subnets but not a gateway address. Although I'm able to get a connection to the servers using a tun connection, I need to be able to use tap so homeworkers are able to use their VOIP phones.

        Do you have any other ideas on what I could try?

        Thank you for your response.

        Regards,

        Robert.
