AWS openvpn pfsense unable to ping client from server
  • Thanks in advance to anyone reading this!

    I'm trying to do this in 2 phases: 1. Get server->client ping working using the OpenVPN client software over wifi, and then phase 2. Turn wifi off / disconnect the OpenVPN client software and use the wired connection through the pfSense to establish the tunnel.

    I have an SG-1000 (WAN) attached to the LAN of my home router, and I'm able to reach my AWS OpenVPN-AS (via the LAN of the SG-1000). I can even ping my Win2012 server through this tunnel (yay). But I need to be able to ping my laptop from all of the AWS servers. Currently, I CAN ping my laptop from the OpenVPN server, but not from the 2012R2 server.
    I'm sure this is a simple issue, but I'm not sure how or where to accomplish the routing. Is this done in iptables on the OpenVPN server? Is it done in the AWS console? Or do I just need to use a "push route" command correctly in my client or server config?

    My home network is 192.168.1.x and attaches to the WAN of my pfSense, which creates a 192.168.2.1 on its LAN and serves DHCP to my laptop (in phase 2).
    The Tunnel is 10.0.8.0/24.
    The AWS private network is 172.31.0.0/16 with servers at 172.31.28.97/22 (2012R2) and 172.31.28.165/22 (openVPN)
    My laptop receives 10.0.10.6 if I use the OpenVPN client software over wifi (I'm testing via this method as I realize the pfSense adds an additional layer of routing complexity, which I ultimately need to figure out, but first I simply need to ping via the laptop using the client software over wifi, then switch to the wired config behind the pfSense).

    Where do I begin to be able to ping from server to client?
    I get the feeling that it's the iptables config on the OpenVPN server, but I have some trouble understanding iptables in general and would really appreciate any insight.