How do I access a particular computer on my network via OpenVPN

king.solomon77

I'm a bit of a pfsense /OpenVPN newbie so here is my current problem. I have pfsense set up with OpenVPN. I am able to connect remotely to the pfsense GUI. My OpenVPN network is 10.0.8.0/24 while the local network is 192.168.1.1/24. Now my question is, how do I access a particular computer with LAN IP 192.168.1.5 remotely via this VPN connection? Right now I am just able to access the pfsense GUI which is on 10.0.8.1 which corresponds to 192.168.1.1 on the LAN.

Derelict

I'm sorry that makes no sense.

Right now I am just able to access the pfsense GUI which is on 10.0.8.1 which corresponds to 192.168.1.1 on the LAN.

What does that even mean?

king.solomon77

What I mean is that I have a LAN that has the following configuration 192.168.1.1/24. On this LAN the address for the pfsense GUI is 192.168.1.1 . Now I when I use VPN to access my network remotely I use the address 10.0.8.1 to access the pfsense GUI. Thats what I was saying. Now I would like to use the VPN to access a computer/server that has the LAN address 192.168.1.5 but do not know how to go about that. That is the question I would like help with.

david_harrison

you need to add the network into the allowable networks in the VPN configuration page

king.solomon77

Thank you, I've added the LAN 192.168.1.1/24 to the configuration. Now my question is what IP address do i put into the browser when I am connected remotely via VPN to access the computer that is 192.168.1.5 on the LAN? How will my computer know to access that IP via the VPN?

Derelict

You would access it at 192.168.1.5.

The 192.168.1.5 node has to have a route to 10.10.1.0/24 with a gateway of pfSense. This is usually accomplished by the taget server's default gateway.

The 192.168.1.5 server's LOCAL firewall must also pass traffic from non-local addresses.

king.solomon77

Thank you @Derelict , please break it down a bit for me, my apologies once again. How do I ensure it has a "route" to 10.10.1.0/24. Sorry if I'm a bit slow to get it.

Derelict

Is its default gateway pfSense?

Can you ping 10.10.1.1 from that host?

king.solomon77

Yes pfsense is the default gateway. I can ping the node in questions 192.168.1.5 from the pfsense gui which I am accessing remotely via VPN on the IP address 10.0.8.1

Derelict

Can you ping it from pfSense selecting OpenVPN as the source?

king.solomon77

Ok, for some reason I've got disconnected from the VPN and it wont re-connect. Hope I didn't break anything. Was working fine. Will have to get it reconnected then I will try the ping. I was using the ping feature from the pfsense dashboard >diagnostic>ping

divsys

One thing to watch for: if your LOCAL network is the same subnet as the REMOTE, you'll have trouble making this work.

In your example, if the PC you're connecting FROM has an IP address in the 192.168.1.0/24 range then there will be a problem getting it to chose the REMOTE 192.168.1.5 server across the OpenVPN link.

If you ensure your local subnet is something else, it all becomes fairly trivial. Once the OpenVPN link is established properly, your LOCAL PC becomes "aware" of the 192.168.1.0 network and you can just refer to it as if you were physically connected. You can put http://192.168.1.1 in your browser and access the remote pfSense, or http://192.168.1.5 and access a remote webserver.

That's part of the beauty of OpenVPN, it adheres (mostly) to the KISS principle....

king.solomon77

@divsys Thank you that makes it very clear. I'll have to change my local subnet, so that at the remote site i'm trying to connect to via OpenVPN has its own unique subnet. Thank you soo much. Will let you guys know when I get it all working