1. Home
  2. pfSense® Software
  3. OpenVPN
  4. Access local pc via openvpn

Access local pc via openvpn

  • S

    Hello
    I setup oepnvpn server on vps (centos). Pfsense connect and I can browse. From lan side I can ping oepnvpn server ip but from openvpn server or others openvpn client I can not ping local pc behind pfsense. Where do I start looking?
    Openvpn server Ip : 10.8.0.1
    Pfsense Ip (vpn Ip) : 10.8.0.2
    Pfsense Local Ip : 192.168.10.99
    Lan Pc : 192.168.10.100

    
Openvpn Server :
port 1195
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp" 
crl-verify crl.pem
ca ca.crt
cert server_1uN8x5lUtTuW9IRX.crt
key server_1uN8x5lUtTuW9IRX.key
tls-auth tls-auth.key 0
dh dh.pem
auth SHA256
cipher AES-128-CBC
tls-server
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
status openvpn.log
verb 3
# Client Config Directory
client-config-dir /etc/openvpn/ccd


    
Cleint Config:
client
proto udp
remote *********************************
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_1uN8x5lUtTuW9IRX name
auth SHA256
auth-nocache
cipher AES-128-CBC
tls-client
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns
verb 3
key-direction 1

```![Openvpn Lan copy.jpg](/public/_imported_attachments_/1/Openvpn Lan copy.jpg)
![Openvpn Lan copy.jpg_thumb](/public/_imported_attachments_/1/Openvpn Lan copy.jpg_thumb)
    0
  • S

    You'll need to create a firewall rule on the OpenVPN tab with that IP range as the source, otherwise it'll be blocked.  If you just make that range the source and the destination Any, it should let everything through.

    0
  • S

    Hi
    Openvpn tab not my vpn client interface?


    0
  • johnpoz
    LAYER 8 Global Moderator

    Why would you not just run openvpn server on pfsense?

    Looks like your trying to use pfsense as client and another client.  And then let some client through the common vpn tunnel into devices behind pfsense..

    Also keep in mind this client behind pfsense own firewall.. For example out of the box windows would not allow access from your tunnel network.

    0
  • S

    My isp did not give me real ip. So I attach a cenos openvpn client. Real ip too much costly here.

    0
  • johnpoz
    LAYER 8 Global Moderator

    So your saying your behind a carrier grade nat and have no way for inbound traffic to your pfsense box.

    0
  • S

    Yes and they block sip packet too.

    0
  • johnpoz
    LAYER 8 Global Moderator

    Well let me see… I have a vps running openvpn access server, that pfsense is a client into... Let me see what you have to do allow another client of this openvpn access server running on vps into network behind pfsense...

    Should be a simple route.. Give me a bit..

    0
  • S

    Hi Johnpoz
    Do you get any solution for me?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy