Cannot browse to remote network



  • Hello Good people. Let me cut straight to it.
    Running pfSense on 2 SG-1000s. One is the client and the other the server.
    I have established connection between the two via a shared key. I can ping from one network to the next in either direction. I can ssh from one to the other. There is an Any to Any rule in place over the OpenVPN interface. However when I try to hit a webserver or any other application I get nothing. It times out.
    I have tried what feels like everything but no luck. Can anyone help? Has anyone seen this phenomenon before? What am I missing here?

    Server network 192.168.200.0/24
    Client network 192.168.100.0/24
    Tun network 192.168.50.0/24 (I even tried making it a /30 as I had seen in a thread)

    Any guidance would be appreciated. Have some phones at the client side that need to become active.

    Thanks in advance



  • Show both..

    Both side LAN firewall rules.

    Both side VPN firewall rules.

    Both sides "remote networks" from their VPN config pages..

    The tunnel network will work fine as a /30.



  • And don't forget to check host firewalls. Since you mention phones, check IP PBX permitted networks too.



  • See as requested
    Server OpenVPN Rules
    5_1544789143424_server-openvpn-rules.png
    Server LAN rules
    4_1544789143424_server-lan-rules.png
    Server Tunnel config
    3_1544789143424_server-config-tun.png

    Client LAN rules
    2_1544789143424_client-lan-rules.png

    Client OpenVPN Rules
    1_1544789143423_client-openvpn-rules.png

    Client Tunnel Config
    0_1544789143423_client-tun-config.png



  • @bevan said in Cannot browse to remote network:

    when I try to hit a webserver or any other application I get nothing

    I'm going to guess that a firewall on the machine you're trying to reach is getting you.

    Remember: anything outside of the subnet of a Windows machine is considered by it "public" and the public firewall rules will be enforced.



  • @chpalmer

    The machines in question are a Linux box (firewall off) and Grandstream phones (can't connect to the phones' web interface and the phones can't register to the PBX server (the Linux box)). Oh, plus there is a Synology NAS that can't be reached either. So no, no Windows firewall or any other firewall.

