Openvpn not routing to subnet



  • I have a Netgate pfSense box connected to the internet as a firewall in front of our Cisco router that manages our LAN subnet. Installed OpenVPN using the wizard and the client connects fine. Unfortunately traffic isn't being passed to the subnet. I've tried numerous suggestions on forums without success. It is actually a pretty straightforward setup and everything else is working well.

    internet ->(wan)Pfsense (lan=192.168.0.254)-->Cisco router (lan gateway=192.168.1.1)->192.168.1.10(target server)

    The pfsense is directly connected to a switch port on the Cisco integrated service router, so there aren't any other devices in the loop. The Cisco router is the gateway (192.168.1.1) for the subnet.

    I'm stumped.

    Thanks for the help.



  • That's really a straightforward setup. Just ensure that these points are given:

    • The pfSense LAN IP is the default gateway on the Cisco router.
    • On pfSense you've added a static route for the 192.168.1.0/? network pointing to the Cisco's IP.
    • In the OpenVPN settings you've added the 192.168.1.0/? network to the "Local networks".

  • LAYER 8 Global Moderator

    Can you ping the cisco IP on your transit network from your vpn client? I can not tell from your diagram what the cisco IP in this transit is 192.168.0.1?? With pfsense IP being 192.168.0.254?

    Other than @viragomann's great points.. Also don't forget possible overlap. What are you using for your tunnel network? What is the remote client's local IP? If it overlaps 192.168.1, the remote client wouldn't have any need to send traffic down the tunnel to try and get there.

    Also don't forget local firewalls on your dest box.. Not allowing whatever your tunnel network is. Which would be the source IP from your vpn connections.

    Can the vpn client ping the cisco svi on the lan side network 192.168.1.1?
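
The routing and overlap checks raised in the replies above can be written down as a small script. This is an added example, not part of the original thread. The /24 masks, the tunnel network and the client LAN are assumptions, since the thread does not give them, and the `diagnose` helper is hypothetical and assumes a split-tunnel setup.

```python
import ipaddress as ip

def diagnose(target, client_lan, tunnel_net, local_networks, pfsense_routes):
    """Return the reasons a VPN client could not reach `target` (empty list = none found)."""
    target = ip.ip_address(target)
    client_lan = ip.ip_network(client_lan)
    tunnel_net = ip.ip_network(tunnel_net)
    pushed = [ip.ip_network(n) for n in local_networks]
    routes = [ip.ip_network(n) for n in pfsense_routes]
    problems = []
    # Overlap: the client sees the target as on-link and never uses the tunnel.
    if target in client_lan:
        problems.append("client LAN overlaps target subnet")
    if tunnel_net.overlaps(client_lan) or any(tunnel_net.overlaps(n) for n in pushed):
        problems.append("tunnel network overlaps another network")
    # "Local networks" must cover the target, or no route is pushed to the client.
    if not any(target in n for n in pushed):
        problems.append("target not in OpenVPN Local networks")
    # pfSense needs a connected or static route towards the target subnet.
    if not any(target in n for n in routes):
        problems.append("pfSense has no route to target subnet")
    return problems

# Constructed sample values: only 192.168.1.10 and the 192.168.0.x / 192.168.1.x
# addressing come from the thread; masks, tunnel and client LAN are assumed.
TARGET = "192.168.1.10"
GOOD = dict(client_lan="192.168.50.0/24", tunnel_net="10.8.0.0/24",
            local_networks=["192.168.1.0/24"],
            pfsense_routes=["192.168.0.0/24", "192.168.1.0/24"])
BAD = dict(client_lan="192.168.1.0/24", tunnel_net="10.8.0.0/24",
           local_networks=["192.168.0.0/24"],
           pfsense_routes=["192.168.0.0/24"])

if __name__ == "__main__":
    for name, cfg in (("good", GOOD), ("bad", BAD)):
        print(name, diagnose(TARGET, **cfg) or "no problems found")
```

The script does not model the return path (the Cisco's default gateway) or a host firewall on the destination box, so those two points still need checking by hand.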

