Netgate Discussion Forum

    [SOLVED] Can't access same subnet, if connected by VPN (internal IPs, SMB etc.)

      Teddy

      Hi everyone,
      I just used the VPN wizard to configure a VPN connection for my laptop, to connect to my home network on business / holiday travels.

      I can connect without problems to the pfSense VPN network, I can access the pfSense web interface, but I can't connect to any other devices in the same subnet.

      All my different devices in my network have a 192.168.1.X address (FreeNAS, Windows RDP, managed switch etc.). My pfSense has the usual 192.168.1.1.
      My laptop gets the address 192.168.1.2, I can access 192.168.1.1, but can't access, for example, 192.168.1.5 (let's say, my FreeNAS).

      These options are activated in the VPN (I think those are the important ones):

      • IPv4 Tunnel Network: 192.168.1.0/24
      • Force all client-generated IPv4 traffic through the tunnel is activated
      • Allow communication between clients connected to this server is activated
      • Provide a default domain name to clients (192.168.1.1 = pfSense firewall)
      • Provide a DNS server list to clients. Addresses may be IPv4 or IPv6. (first 192.168.1.1, second 8.8.8.8)

      Any ideas what I need to change to get access to the rest of the subnet? I can't even access my SMB shares.

      Brgds

        KOM

        Did you add an allow rule on the OpenVPN interface? It's an interface like any other, and only the default LAN gets a rule added automatically. All other interfaces need one manually added.

          Teddy @KOM

          @KOM
          Thanks for your fast help.

          [Attached screenshot: cc07e646-3916-4691-93b1-9e8fd0927b62-grafik.png]

          That rule was added by the wizard automatically. Any more rules necessary?

            Teddy

            Okay, now I have access to all the configuration interfaces.
            It was my fault: in the wizard I set Tunnel Network and Local Network to 192.168.1.0, but they must be different (Tunnel Network for example 10.0.0.0, and Local Network MUST be your usual network 192.168.1.0).

              chpalmer

              Just some hints to tie things down a little. You can easily make your tunnel network a /30 (or /29 if more than one remote address is needed) for just one laptop doing a roadwarrior setup such as that.

              Then on your OpenVPN firewall rule make "source" the same as your tunnel: 10.0.0.0/30, /29 etc.
              Make destination your local LAN if you only have one local subnet to worry about.

              It is most likely absolutely safe to leave it as is, but if you're inclined to worry or just want to tinker more, this is an option for you. ✌

              Good luck!

              Triggering snowflakes one by one..
              Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.
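
As an added example (not written by any poster in this thread): a Python check over a constructed OpenVPN server config that flags the fault resolved above, a tunnel network (`server` directive) overlapping a pushed local network, and, going one step further, tests whether a firewall rule is scoped the way the last post suggests. The config fragments, function names, and the assumption that the local network appears as a `push "route ..."` line are illustrative.

```python
import ipaddress
import re

# Constructed config fragments for illustration; not taken from the thread.
BROKEN = '''server 192.168.1.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
'''
FIXED = '''server 10.0.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
'''

SERVER_RE = re.compile(r'^\s*server\s+(\S+)\s+(\S+)', re.M)
ROUTE_RE = re.compile(r'^\s*push\s+"route\s+(\S+)\s+([^\s"]+)', re.M)

def _net(addr, mask):
    # strict=False tolerates host bits set in the configured address
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def parse(conf):
    """Return (tunnel_network, [pushed local networks])."""
    m = SERVER_RE.search(conf)
    if m is None:
        raise ValueError("no 'server' directive found")
    tunnel = _net(*m.groups())
    routes = [_net(a, n) for a, n in ROUTE_RE.findall(conf)]
    return tunnel, routes

def overlapping_routes(conf):
    """Pushed local networks that collide with the tunnel network."""
    tunnel, routes = parse(conf)
    return [r for r in routes if r.overlaps(tunnel)]

def rule_is_tight(conf, rule_src, rule_dst):
    """True if a pass rule's source lies inside the tunnel network
    and its destination lies inside one of the pushed local networks."""
    tunnel, routes = parse(conf)
    src = ipaddress.ip_network(rule_src)
    dst = ipaddress.ip_network(rule_dst)
    return src.subnet_of(tunnel) and any(dst.subnet_of(r) for r in routes)

if __name__ == "__main__":
    for name, conf in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, "overlaps:", [str(n) for n in overlapping_routes(conf)])
    print("tight rule:", rule_is_tight(FIXED, "10.0.0.0/30", "192.168.1.0/24"))
```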

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.