Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I access a particular computer on my network via OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    13 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      king.solomon77
      last edited by

      I'm a bit of a pfsense /OpenVPN newbie so here is my current problem. I have pfsense set up with OpenVPN. I am able to connect remotely to the pfsense GUI. My OpenVPN network is 10.0.8.0/24 while the local network is 192.168.1.1/24. Now my question is, how do I access a particular computer with LAN IP 192.168.1.5 remotely via this VPN connection? Right now I am just able to access the pfsense GUI which is on 10.0.8.1 which corresponds to 192.168.1.1 on the LAN.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        I'm sorry that makes no sense.

        Right now I am just able to access the pfsense GUI which is on 10.0.8.1 which corresponds to 192.168.1.1 on the LAN.

        What does that even mean?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • K
          king.solomon77
          last edited by

          What I mean is that I have a LAN that has the following configuration 192.168.1.1/24. On this LAN the address for the pfsense GUI is 192.168.1.1 . Now I when I use VPN to access my network remotely I use the address 10.0.8.1 to access the pfsense GUI. Thats what I was saying. Now I would like to use the VPN to access a computer/server that has the LAN address 192.168.1.5 but do not know how to go about that. That is the question I would like help with.

          1 Reply Last reply Reply Quote 0
          • D
            david_harrison
            last edited by david_harrison

            you need to add the network into the allowable networks in the VPN configuration page
            0_1545033017961_53881467-47d8-4a1f-86f7-7f6fe345875b-image.png

            1 Reply Last reply Reply Quote 2
            • K
              king.solomon77
              last edited by

              Thank you, I've added the LAN 192.168.1.1/24 to the configuration. Now my question is what IP address do i put into the browser when I am connected remotely via VPN to access the computer that is 192.168.1.5 on the LAN? How will my computer know to access that IP via the VPN?

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                You would access it at 192.168.1.5.

                The 192.168.1.5 node has to have a route to 10.10.1.0/24 with a gateway of pfSense. This is usually accomplished by the taget server's default gateway.

                The 192.168.1.5 server's LOCAL firewall must also pass traffic from non-local addresses.

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • K
                  king.solomon77
                  last edited by

                  Thank you @Derelict , please break it down a bit for me, my apologies once again. How do I ensure it has a "route" to 10.10.1.0/24. Sorry if I'm a bit slow to get it.

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by

                    Is its default gateway pfSense?

                    Can you ping 10.10.1.1 from that host?

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • K
                      king.solomon77
                      last edited by

                      Yes pfsense is the default gateway. I can ping the node in questions 192.168.1.5 from the pfsense gui which I am accessing remotely via VPN on the IP address 10.0.8.1

                      1 Reply Last reply Reply Quote 0
                      • DerelictD
                        Derelict LAYER 8 Netgate
                        last edited by

                        Can you ping it from pfSense selecting OpenVPN as the source?

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • K
                          king.solomon77
                          last edited by

                          Ok, for some reason I've got disconnected from the VPN and it wont re-connect. Hope I didn't break anything. Was working fine. Will have to get it reconnected then I will try the ping. I was using the ping feature from the pfsense dashboard >diagnostic>ping

                          1 Reply Last reply Reply Quote 0
                          • D
                            divsys
                            last edited by

                            One thing to watch for: if your LOCAL network is the same subnet as the REMOTE, you'll have trouble making this work.

                            In your example, if the PC you're connecting FROM has an IP address in the 192.168.1.0/24 range then there will be a problem getting it to chose the REMOTE 192.168.1.5 server across the OpenVPN link.

                            If you ensure your local subnet is something else, it all becomes fairly trivial. Once the OpenVPN link is established properly, your LOCAL PC becomes "aware" of the 192.168.1.0 network and you can just refer to it as if you were physically connected. You can put http://192.168.1.1 in your browser and access the remote pfSense, or http://192.168.1.5 and access a remote webserver.

                            That's part of the beauty of OpenVPN, it adheres (mostly) to the KISS principle....

                            -jfp

                            K 1 Reply Last reply Reply Quote 1
                            • K
                              king.solomon77 @divsys
                              last edited by

                              @divsys Thank you that makes it very clear. I'll have to change my local subnet, so that at the remote site i'm trying to connect to via OpenVPN has its own unique subnet. Thank you soo much. Will let you guys know when I get it all working

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.