OpenVPN Connecting, but can't access LAN IP's

codemonkey76

OK, I am sure i have done something wrong in the setup, but for the life of me can't work it out.

I have the tunnel setting shown in the pictures.

When I connect with openvpn, my routing table looks like this:

Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0        10.0.0.1      10.0.0.113    55
        10.0.0.0    255.255.255.0        On-link        10.0.0.113    311
      10.0.0.113  255.255.255.255        On-link        10.0.0.113    311
      10.0.0.255  255.255.255.255        On-link        10.0.0.113    311
        10.10.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
        10.11.0.0    255.255.255.0        On-link        10.11.0.2    291
        10.11.0.2  255.255.255.255        On-link        10.11.0.2    291
      10.11.0.255  255.255.255.255        On-link        10.11.0.2    291
        10.16.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
        10.17.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
        127.0.0.0        255.0.0.0        On-link        127.0.0.1    331
        127.0.0.1  255.255.255.255        On-link        127.0.0.1    331
  127.255.255.255  255.255.255.255        On-link        127.0.0.1    331
        224.0.0.0        240.0.0.0        On-link        127.0.0.1    331
        224.0.0.0        240.0.0.0        On-link        10.0.0.113    311
        224.0.0.0        240.0.0.0        On-link        10.11.0.2    291
  255.255.255.255  255.255.255.255        On-link        127.0.0.1    331
  255.255.255.255  255.255.255.255        On-link        10.0.0.113    311
  255.255.255.255  255.255.255.255        On-link        10.11.0.2    291

so it looks the entries for 10.10.0.0/24, 10.16.0.0/24, 10.17.0.0/24 are correctly added to my routing table. But i still can't access machines on those addresses.

I have an allow all rule on my OpenVPN interface

Not sure what to check next.

viragomann

Is the pfSense which is running the OpenVPN server the default gateway in the remote networks?

Check if you are able to ping the internal interfaces of pfSense.

divsys

Another common issue on Windoze networked machines is that they might not recognize ping/other traffic originating on the VPN tunnel networks.
You can try temporarily turning off the firewall on one of the LAN devices to see if it makes a difference.

Agree with viragomann , step 1 is try to ping the pfSense VPN tunnel, then the pfSense Lan interface, then move on to the LAN

jea

@codemonkey76
By any chance are you running pfS 2.4.3?
I ran into this same problem when upgrading from 2.4.2.
No change in Configuration(s). Same firewall rules.
Can connect and ping port addresses of pfSense box, but not beyond.
Worked perfectly with 2.4.2 (and 32 bit versions).

Same openvpn version (2.4.4), same SSL library version(1.0.2m) on both 2.4.2 and 2.4.3

I'd like to understand what has broken.