4. OpenVPN Connecting, but can't access LAN IP's

OpenVPN Connecting, but can't access LAN IP's

  • C

    OK, I am sure i have done something wrong in the setup, but for the life of me can't work it out.

    I have the tunnel setting shown in the pictures.

    When I connect with openvpn, my routing table looks like this:

    Active Routes:
    Network Destination        Netmask          Gateway      Interface  Metric
              0.0.0.0          0.0.0.0        10.0.0.1      10.0.0.113    55
            10.0.0.0    255.255.255.0        On-link        10.0.0.113    311
          10.0.0.113  255.255.255.255        On-link        10.0.0.113    311
          10.0.0.255  255.255.255.255        On-link        10.0.0.113    311
            10.10.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
            10.11.0.0    255.255.255.0        On-link        10.11.0.2    291
            10.11.0.2  255.255.255.255        On-link        10.11.0.2    291
          10.11.0.255  255.255.255.255        On-link        10.11.0.2    291
            10.16.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
            10.17.0.0    255.255.255.0        10.11.0.1        10.11.0.2    291
            127.0.0.0        255.0.0.0        On-link        127.0.0.1    331
            127.0.0.1  255.255.255.255        On-link        127.0.0.1    331
      127.255.255.255  255.255.255.255        On-link        127.0.0.1    331
            224.0.0.0        240.0.0.0        On-link        127.0.0.1    331
            224.0.0.0        240.0.0.0        On-link        10.0.0.113    311
            224.0.0.0        240.0.0.0        On-link        10.11.0.2    291
      255.255.255.255  255.255.255.255        On-link        127.0.0.1    331
      255.255.255.255  255.255.255.255        On-link        10.0.0.113    311
      255.255.255.255  255.255.255.255        On-link        10.11.0.2    291

    so it looks the entries for 10.10.0.0/24, 10.16.0.0/24, 10.17.0.0/24 are correctly added to my routing table. But i still can't access machines on those addresses.

    I have an allow all rule on my OpenVPN interface

    Not sure what to check next.

    0
    J
     1 Reply
  • V

    Is the pfSense which is running the OpenVPN server the default gateway in the remote networks?

    Check if you are able to ping the internal interfaces of pfSense.

    0
  • D

    Another common issue on Windoze networked machines is that they might not recognize ping/other traffic originating on the VPN tunnel networks.
    You can try temporarily turning off the firewall on one of the LAN devices to see if it makes a difference.

    Agree with viragomann , step 1 is try to ping the pfSense VPN tunnel, then the pfSense Lan interface, then move on to the LAN

    0
  • J

    @codemonkey76
    By any chance are you running pfS 2.4.3?
    I ran into this same problem when upgrading from 2.4.2.
    No change in Configuration(s). Same firewall rules.
    Can connect and ping port addresses of pfSense box, but not beyond.
    Worked perfectly with 2.4.2 (and 32 bit versions).

    Same openvpn version (2.4.4), same SSL library version(1.0.2m) on both 2.4.2 and 2.4.3

    I'd like to understand what has broken.

    0
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy