• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[SOLVED] Can't access same subnet, if connected by VPN (internal IP's, SMB etc.)

OpenVPN
3
5
849
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    Teddy
    last edited by Teddy Aug 22, 2019, 9:26 PM Aug 22, 2019, 8:53 PM

    Hey together,
    i just used the VPN wizzard, to configure a VPN Connection for my laptop, to connect to my home-network on business / holiday-travels.

    I can connect without problems to the PFSense VPN Network, i can access the PFSense Web-Interface, but i can't connect to any other devices in the same subnet.

    All my different devices in my network have an 192.168.1.X adress (FreeNAS, Windows RDP, Managed Switch etc.). My PFSense has the usual 192.168.1.1.
    My laptop get's the address 192.168.1.2, i can access 192.168.1.1, but can't access for example 192.168.1.5 (let's say, my FreeNAS).

    In the VPN is activated (i think those are the important options):

    • IPv4 Tunnel Network: 192.168.1.0/24
    • Force all client-generated IPv4 traffic through the tunnel is activated
    • Allow communication between clients connected to this server is activated
    • Provide a default domain name to clients (192.168.1.1 = PFSense Firewall)
    • Provide a DNS server list to clients. Addresses may be IPv4 or IPv6. (first 192.168.1.1, second 8.8.8.8)

    Any ideas i need to change, for get access to the rest of the subnet? I even can't access my SMB-shares.

    Brgds

    1 Reply Last reply Reply Quote 0
    • K
      KOM
      last edited by Aug 22, 2019, 8:57 PM

      Did you add an allow rule on the OpenVPN interface? It's an interface like any other, and only the default LAN gets a rule added automatically. All other interfaces need one manually added.

      T 1 Reply Last reply Aug 22, 2019, 9:03 PM Reply Quote 1
      • T
        Teddy @KOM
        last edited by Teddy Aug 22, 2019, 9:04 PM Aug 22, 2019, 9:03 PM

        @KOM
        Thanks for your fast help.

        login-to-view

        That rules was added by the wizzard automatically. Any more rules necessary?

        1 Reply Last reply Reply Quote 0
        • T
          Teddy
          last edited by Aug 22, 2019, 9:26 PM

          Okay, now i have access to all the configuration interfaces.
          It was my fault, in the wizard i set Tunnel Network and Local Network to 192.168.1.0, but they must be different (Tunnel Network for example 10.0.0.0 and Local Network MUST be your usual network 192.168.1.0.

          1 Reply Last reply Reply Quote 1
          • C
            chpalmer
            last edited by Aug 22, 2019, 10:33 PM

            Just some hints to tie things down a little.. You can easily make your tunnel network a /30 or (/29 if more than one remote address is needed) for just one laptop doing a roadwarrior setup such as that.

            Then on your OpenVPN firewall rule make "source" the same as your tunnel. 10.0.0.0/30 /29 ect..
            Make destination your local LAN if you only have one local subnet to worry about.

            It is most likely absolutely safe to leave it as is but if your inclined to worry or just want to tinker more.. this is an option for you. ✌

            Good luck!

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            1 Reply Last reply Reply Quote 1
            1 out of 5
            • First post
              1/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.