pfSense blocks LAN VPN traffic



  • Hi everybody, I'm new at this and still learning. A few days ago I installed the latest version of pfSense and everything worked perfectly until the moment I tried to use my local VPN, which connects to another PC on the same network.
    In fact, the VPN is an application which connects itself to a Middle-Tier Server on a Windows Server machine, but connections are refused. I found nothing in the logs that can help me solve the problem.
    I'm grateful for any advice.


  • Netgate Administrator

    More information required.

    The VPN client and server are on the same subnet?

    That subnet is behind pfSense?

    How is the client connecting, by IP? By FQDN? By hostname?

    What type of VPN is it?

    Could be this:
    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
    But just a guess at this point.

    Steve



  • Yes, the VPN and client are on the same subnet (192.168.3.0/24), and yes, everything is behind pfSense, including the DC (Zentyal).
    The client uses an IP to connect. The application was made by some Greek guys years ago and I do not have any information about it. What I know is that the Middle-Tier server uses the net.tcp protocol for some reason.

    Error
    Could not connect to net.tcp://10.0.0.4:8899/WCFService
    TCP error code 10060


  • Netgate Administrator

    Ok, so 10.0.0.4 is not in the 192.168.3.0/24 subnet.

    Is the VPN server actually at 10.0.0.4? How is that subnet connected?

    If the client and server really are both in the 192.168.3.0 subnet, then that's the wrong IP address the client is using. In that instance the traffic would go directly between them, so pfSense would never see it.

    However, running a VPN between two devices on the same subnet seems… unusual at best. ;)

    Steve
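
A small diagnostic for the two questions raised in this thread, added here as an example and not posted by anyone in the thread: does the destination sit inside the client's own subnet (so the firewall never sees the traffic), and does a TCP connect time out (Winsock 10060) or get actively refused (Winsock 10061)? The client address 192.168.3.10 and the function names are assumptions made for illustration; the subnet, destination and port are the ones quoted above.

```python
import ipaddress
import socket


def path_to(dest, client_ip, client_prefix):
    """Return 'on-link' if dest is inside the client's own subnet (traffic goes
    host to host and the firewall never sees it), otherwise 'routed' (sent to
    the default gateway, where firewall rules and routes apply)."""
    net = ipaddress.ip_interface(f"{client_ip}/{client_prefix}").network
    return "on-link" if ipaddress.ip_address(dest) in net else "routed"


def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # A reset came back: the host is reachable but nothing listens on the
        # port, or a firewall rule rejects it. Winsock reports this as 10061.
        return "refused"
    except (socket.timeout, TimeoutError):
        # No answer at all: packets dropped, no route back, or the address is
        # wrong. Winsock reports this as 10060.
        return "timeout"
    except OSError:
        # For example "network unreachable" when there is no route at all.
        return "unreachable"


if __name__ == "__main__":
    client_ip, prefix = "192.168.3.10", 24   # constructed client address
    dest, port = "10.0.0.4", 8899            # endpoint from the error message
    print(f"{dest} from {client_ip}/{prefix}: {path_to(dest, client_ip, prefix)}")
    print(f"{dest}:{port} -> {probe(dest, port)}")
```

Run it on the client machine; a "routed" result combined with "timeout" points at routing or a dropped packet on the way to the other subnet rather than at the service itself.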