Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VPN subnet can't communicate LAN via HTTP

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 349 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by

      Hi all,

      I've tried to figure out the issue I am currently having but couldn't so I'd like to get some help from you if that's okay.

      I have configured OpenVPN on pfSense (it's running as a VM on a hypervisor, version 2.4.4 p3). So, after VPN access I can communicate with other VMs on the LAN. However, there is a bit of strange situation. I have set up a web server VM in the LAN and when I tried to access via web browser, it doesn't work. Routing is fine since I can ping the server. At the moment, no fancy firewall rules are implemented. For OpenVPN, it allows any IPv4 from any to any.

      It looks like the request hits the web server as shown below:

      ovpns1 	tcp 	172.20.3.12:36058 -> 172.28.1.21:80 	CLOSED:SYN_SENT 	3 / 0 	180 B / 0 B
      

      But nothing returns unfortunately. I have captured packet from the web server VM and it shows the server sent back SYN,ACK packet multiple times but packets didn't seem to return.

      Hardware checksum offloading is disabled. I'd like to know where I should start to figure out. If you require further information, I am willing to provide. Thanks very much.

      Eoin

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by

        Asymetric routing maybe?
        Is your webserver using the pfSense as gatway?

        -Rico

        ? 1 Reply Last reply Reply Quote 0
        • ?
          A Former User @Rico
          last edited by

          @Rico Since ping is working between pfSense and the VM, I believe routing is fine. But if you could let me know the way to check, I will do that and post the result here. Thanks.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.