OpenVPN connecting but can't access to my local devices / shared folder

OpenVPN
Log in to reply
  • J

    Hello everyone,

    2 days ago i created an access to my local network througth openvpn.
    I just created a simple user (SSL TLS + User auth.) and correctly connect to my network and i was able to access to my share folder.

    But yestuday i tried to connect to my vpn thank to my ad account.
    Now i can connect to my network thank to my ad account and local pfsense user but i don't know why i can't access to my shared folder / network devices anymore. Could you help me please, it's pretty strange because i"m correctly connect to my vpn but can't access to my network ressources.

    More information :
    My pfsense version : 2.4.3

    My network configuration :

    0_1531295755810_Capture.PNG

    here my client configuration

    dev tun
persist-tun
persist-key
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA1
tls-client
client
resolv-retry infinite
remote XXXXXXXXX 1194 udp
verify-x509-name "Certificat Serveur Partage VPN" name
auth-user-pass
pkcs12 pfSense-UDP4-1194-XXXXX.p12
tls-auth pfSense-UDP4-1194-XXXXX-tls.key 1
remote-cert-tls server

    Et voici ci dessous la configuration du serveur openvpn :
    3_1531297821170_SERVEUROPEN4.PNG 2_1531297821170_SERVEUROPEN3.PNG 1_1531297821170_SERVEUROPEN2.PNG 0_1531297821170_SERVEUROPEN1.PNG

    my client logs

    Wed Jul 11 10:17:14 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Jul 11 10:17:14 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jul 11 10:17:14 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Wed Jul 11 10:17:21 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]XXXXXXXXX:1194
Wed Jul 11 10:17:21 2018 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 11 10:17:21 2018 UDP link remote: [AF_INET]XXXXXXXXX:1194
Wed Jul 11 10:17:21 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Jul 11 10:17:22 2018 [Certificat Serveur Partage VPN] Peer Connection Initiated with [AF_INET]XXXXXXXXX:1194
Wed Jul 11 10:17:23 2018 open_tun
Wed Jul 11 10:17:23 2018 TAP-WIN32 device [Ethernet 4] opened: \\.\Global\{57DA1C56-202B-471C-802F-DD2BEFDFBA1D}.tap
Wed Jul 11 10:17:23 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.8.0/10.0.8.2/255.255.255.0 [SUCCEEDED]
Wed Jul 11 10:17:23 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.8.2/255.255.255.0 on interface {57DA1C56-202B-471C-802F-DD2BEFDFBA1D} [DHCP-serv: 10.0.8.254, lease-time: 31536000]
Wed Jul 11 10:17:23 2018 Successful ARP Flush on interface [9] {57DA1C56-202B-471C-802F-DD2BEFDFBA1D}
Wed Jul 11 10:17:23 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jul 11 10:17:28 2018 Initialization Sequence Completed

    and my server logs :

    Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_VER=2.4.4
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_PLAT=win
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_PROTO=2
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_NCP=2
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_LZ4=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_LZ4v2=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_LZO=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_COMP_STUB=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_COMP_STUBv2=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_TCPNL=1
Jul 11 10:17:22 pfSense openvpn[268]: XXXXX/77.136.204.222:1194 peer info: IV_GUI_VER=OpenVPN_GUI_11
Jul 11 08:17:22 pfSense openvpn: user 'XXXXX' authenticated

    I don't know if the problem come from ip overslaping or an other problem.

    Thank a lot for your help.

    0
  • J

    Après quelques recherches il s'avère que c'est me pare feu de mon antivirus qui me bloque.

    0
  • bepo

    Hello,

    is everything working now?
    Did you created firewall rules for incoming traffic?

    Kind regards

    0
  • J

    Hello Yes all is working, after some rechearch i found something concerning virus protection.
    But now my problem is : i have to disable my bitdefender firewall to access to my network. Someone know how to enable the btdefender firewall and add an exception ?

    Thank a lot

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy