Everything works but ping replies and ssh
-
Hi all,
I successfully configured an OpenVPN server for remote access by using the wizard.The IPv4 tunnel network is
10.0.8.0/24.
The IPv4 local network is172.16.0.0/24.My client is a Mac. I'm using Tunnelblick.
I can successfully connect to the VPN and I can ssh into the pfSense machine by issuing the command
ssh 172.16.0.3.So, everything seems to work but if I try to
ping 172.16.0.195from the client, the host receives the request but it doesn't reply (I inspected by usingtcpdump -i ens224 icmpon the host).15:15:25.089548 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 3, length 64 15:15:26.101279 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 4, length 64 15:15:27.103493 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 5, length 64 15:15:28.099271 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 6, length 64 15:15:29.106835 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 7, length 64 15:15:30.113523 IP 10.0.8.2 > 172.16.0.196: ICMP echo request, id 65032, seq 8, length 64Also, I can't ssh into the host (through VPN).
I read many threads here but I couldn't find any solution.
Can you help me, please?
Thanks,
Adriano -
@adigiovanni is the pfSense running your OpenVPN also your router/default gateway? If not, the "host" is trying to reply to your vpn client through it's default gateway (your router). If my guess is correct you need to add a static route to your vpn network via your pfSenes's LAN IP.
-
@curtisgrice thanks for your reply. No, the pfSense running OpenVPN is not my router/default gateway. Nice catch! I issued the command
ip route add 10.0.8.0/24 via 172.16.0.3and BAM! it worked. Thanks a lot. Is there any way to make this work by adding some type of configuration to the router/default gateway? Thanks again. -
You just need to add that same route to your gateway device. Simple as that.
-
@curtisgrice thanks again!
