OpenVPN Client can not Access LAN!



  • Dear All,

    I had successfully set up the latest version 1.2.1 pfsense. Services are configured successfully included dyndns/DHCP/OpenVPN.

    I am facing the following problems after connected to the pfsense server from remote network:

    1. OpenVPN Client connected successfully and getting IP from 192.168.200.x/24 mask and able to access to the pfSense server but can't access the LAN which has an IP 192.168.1.0/24 mask

    More problems arises, I am not able to ping internal networks and access it.
    I had check the routing table and make sure necessary things are done in order to access the internal LAN also the firewall rules. Anyone encountered this issue please assist me to resolve the issue. I also notice the firewall rules actually denied the packet send from the 192.168.200.0/24 network while it try to access to LAN. (It doesn't make sense as there are no rules set to filter in the firewall rules!)

    2. I also setup Access SSH (allow) in Firewall rules for testing purposes, it work flawlessly. i.e I can ping the internal LAN servers and access them through SSH protocol.

    3. I had another identical setup for another office and it works flawlessly which make me clueless to troubleshoot this issue.

    Is anyone faced the above issues or I might miss out some config changes in the latest 1.2.1 pfsense?  ;D



  • Can you post your config?



  • hi,

    Below is my openvpn config

    openvpn (Server)
    Protocol : TCP
    Port: 1194
    Dynamic IP checked
    PKI
    Address Pool 192.168.200.0/24
    Local network 192.168.1.0/24

    openvpn (Client)

    client
    dev tun
    proto tcp
    remote x.dyndns.org 1194
    persist-tun
    persist-key

    ca ca.crt
    cert client.crt
    key client.key
    nscert-type server
    comp-lzo
    verb 3
    route 192.168.1.0 255.255.255.0

    At the firewall rules,
    LAN tab,

    default LAN–> any allow source any --> destination -any

    WAN tab,
    allow vpn --> tcp allow source any --> destination - openvpn (port range 1194)

    Cheers,

    CQ



  • Thanks ! I had solved the problem myself.

    Regards,

    CQ


Locked