Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense: How can I ping ip on my lan from my local machine passing through wan address (pfsense on virtual machine)

    Scheduled Pinned Locked Moved General pfSense Questions
    12 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Evoku
      last edited by

      I am working on a project which requires me to set up a lab that works like a secure office environment. That is - an internal network with a domain controller etc. Its using PfSense as the router. However I also require my local machine to be able to talk to this internal network from outside the internal network in order to deploy using packer.

      I basically want to be able to ping a virtual machine on the lan network for now, then I should be fine from there.

      Ive fiddled loads with pfsense nat rules and firewall rules but have had no luck.

      Any simple config ideas?

      1 Reply Last reply Reply Quote 0
      • kiokomanK
        kiokoman LAYER 8
        last edited by kiokoman

        openvpn between pfsense and your local machine. you can use the wizard and the package openvpn-client-export

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        E 2 Replies Last reply Reply Quote 0
        • E
          Evoku @kiokoman
          last edited by Evoku

          @kiokoman I'll give it a go, cheers - would the listener be the LAN (might be a silly question but assume it will be since this is what we want to talk to/through)

          1 Reply Last reply Reply Quote 0
          • E
            Evoku @kiokoman
            last edited by

            @kiokoman Ive attempted it but still doesn't work.

            My lan network IP is 192.168.1.1 and my tunnel network is 10.10.10.1.

            I set the local network ip to the Lan network Ip.

            protocol udp4/port 1194

            Sound correct?

            1 Reply Last reply Reply Quote 0
            • kiokomanK
              kiokoman LAYER 8
              last edited by

              listener must be WAN
              you need to open port 1194 udp with destination "This Firewall" on the wan interface, you are connecting from the WAN to be able to access the LAN.
              inside "Local Network" you need to specify 192.168.1.0/24 .
              take in mind that for this to work your pc MUST be on a different subnet

              ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
              Please do not use chat/PM to ask for help
              we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
              Don't forget to Upvote with the 👍 button for any post you find to be helpful.

              E 1 Reply Last reply Reply Quote 0
              • E
                Evoku @kiokoman
                last edited by

                @kiokoman Ah makes sense! Thank you, will let you know if this works

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  For refrence:
                  https://docs.netgate.com/pfsense/en/latest/book/openvpn/using-the-openvpn-server-wizard-for-remote-access.html

                  1 Reply Last reply Reply Quote 0
                  • E
                    Evoku
                    last edited by

                    I also found this which might be good? I am currently at the vpn client export bit and learning how to correctly use this package in order to get it to work https://elitshelp.zendesk.com/hc/en-us/articles/115003168045-OpenVPN-Configuration-pfSense-

                    1 Reply Last reply Reply Quote 0
                    • E
                      Evoku
                      last edited by

                      So im at the client export part... But not finding anyway for me to export the openvpn settings?

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        Did you install the client export package?

                        If you did and have the new menu but there are no clients listed as available it's because none have the right certificates to use with the selected server.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • E
                          Evoku
                          last edited by Evoku

                          I think I've looked into this for too long and Ive completely confused myself. Talk to me like I'm stupid.

                          I've just factory reset my pfsense settings because I believe I over convoluted everything.

                          Is the only thing I need to do is have openVPN set up on the single pfsense box I have on virtual box.

                          Ive seen videos on youtube and online allsorts where someones gone on different ips to set up clients etc.

                          --

                          basically.... Can I just run through the openVPN wizard and thats it. Im missing knowledge thats probably preventing me from configuring this properly. And over complicated my understanding with multiple different guides on the process

                          --

                          And yes I installed the client export package

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by

                            Ok so:

                            • Run through the OpenVPN remote access setup wizard

                            • Create a test user in System > User Manager and make sure you add a client certificate to that user created against the same CA the wizard created.

                            • Install the Client Export Package. You should now see the various client types available for your test user in VPN > OpenVPN > Client Export.

                            Pretty much what it says here:
                            https://docs.netgate.com/pfsense/en/latest/book/openvpn/using-the-openvpn-server-wizard-for-remote-access.html

                            Steve

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.