Cannot access my hosts within LAN (VPN)

jutje · Jan 15, 2018, 7:18 PM

Hallo there,

I have config OpenVPN on my pfsense box. I was able to connect with no issue with my Android device using (OpenVPN for Android)
But on my laptop it does not work. I do get a Tunnel IP from my box but am not able to ping any host in my netwerk. This is well the case if i use my Android phone.

Mon Jan 15 20:04:57 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Mon Jan 15 20:04:57 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jan 15 20:04:57 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Mon Jan 15 20:05:42 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]<public_ip>:1134
Mon Jan 15 20:05:42 2018 UDP link local (bound): [AF_INET][undef]:1194
Mon Jan 15 20:05:42 2018 UDP link remote: [AF_INET]<public_ip>:1134
Mon Jan 15 20:05:42 2018 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Mon Jan 15 20:05:42 2018 [www.myhome.com] Peer Connection Initiated with [AF_INET]<public_ip>:1134
Mon Jan 15 20:05:43 2018 open_tun
Mon Jan 15 20:05:43 2018 TAP-WIN32 device [PIA] opened: \.\Global{015BD87F-D73C-4C09-8C64-BAAD793EDD8C}.tap
Mon Jan 15 20:05:43 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.0.0/10.0.0.2/255.255.255.248 [SUCCEEDED]
Mon Jan 15 20:05:43 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.0.2/255.255.255.248 on interface {015BD87F-D73C-4C09-8C64-BAAD793EDD8C} [DHCP-serv: 10.0.0.6, lease-time: 31536000]
Mon Jan 15 20:05:43 2018 Successful ARP Flush on interface [2] {015BD87F-D73C-4C09-8C64-BAAD793EDD8C}
Mon Jan 15 20:05:43 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jan 15 20:05:48 2018 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=2]
Mon Jan 15 20:05:48 2018 Initialization Sequence Completed</public_ip></public_ip></public_ip>

Plz help

GentleJoe · Jan 16, 2018, 3:35 AM

Can you ping hosts by IP address at all? or just not by name?

Make sure that - Inter-client communication - Allow communication between clients connected to this server, is checked on the OPenVPN server.

If by IP address works and by name does not work, then make sure - DNS Server enable - Provide a DNS server list to clients, is checked, and that your main pfsense dns server is listed at the top.

Also make sure that the Firewall\Rules\OpenVPN and Firewall\Rules\WAN rules are in place to pass all OpenVPN traffic to LAN.

jutje · Jan 16, 2018, 10:42 AM

Can you ping hosts by IP address at all?

No i can not ping my hosts at all

Inter-client communication

Yes I do have it enable

But what i do find strange is am able to ping all my hosts when i connect with my Android phone. But that's not the case when i try to connect with my laptop.

Additional info:
IPv4 Tunnel Network
10.0.0.0/29

IPv4 Local network
172.16.0.1/22