LAN through OpenVPN not accessible

  • Accessing the server LAN side is not possible through OpenVPN.
    This is the scheme:
    Network Scheme
    link scheme image
    I have been checking posts but no results yet!
    Any suggestions?
    Thank you so much!

  • Rebel Alliance Developer Netgate

    It should work fine so long as every node along the path has proper routes. The OpenVPN client needs to have routes all the way through to the target system. The target system needs to know how to get traffic back to OpenVPN. Same with firewall rules, you need to pass through the traffic.

    But without more specific information about the OpenVPN setup, routes, and so on, it's impossible to say where your problem may be.

    There are some general suggestions on for troubleshooting this kind of thing, like checking route tables, using traceroute and packet captures to diagnose, etc.
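The reply above says every node needs a route in both directions. The following added example (not from the thread or from pfSense) models that with a longest-prefix-match lookup per node and traces the forward and return paths separately. The topology, node names and all addresses are constructed assumptions: a tunnel network 10.8.0.0/24, a LAN 192.168.1.0/24, and a server whose default gateway is a separate LAN router.

```python
import ipaddress

def next_hop(routes, dst_ip):
    """Longest-prefix match over [(cidr, next_node), ...]; None means no route."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(c), hop) for c, hop in routes
               if dst in ipaddress.ip_network(c)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, owner, start, dst_ip, max_hops=8):
    """Walk the route tables hop by hop; return (path, delivered)."""
    path, node = [start], start
    for _ in range(max_hops):
        if owner[dst_ip] == node:
            return path, True
        hop = next_hop(tables[node], dst_ip)
        if hop is None:
            return path, False      # packet dropped here: no route
        path.append(hop)
        node = hop
    return path, False              # routing loop or path too long

def round_trip(tables, owner, client_ip, server_ip):
    """Trace client -> server and server -> client independently."""
    fwd = trace(tables, owner, owner[client_ip], server_ip)
    ret = trace(tables, owner, owner[server_ip], client_ip)
    return fwd, ret

# Constructed sample topology (assumption, not the poster's real network).
OWNER = {"10.8.0.2": "vpn_client", "192.168.1.10": "server"}
BROKEN = {
    "vpn_client": [("192.168.1.0/24", "pfsense")],           # route pushed by OpenVPN
    "pfsense": [("10.8.0.0/24", "vpn_client"), ("192.168.1.0/24", "server")],
    "server": [("0.0.0.0/0", "lan_router")],                 # default gateway is not pfSense
    "lan_router": [("0.0.0.0/0", "internet")],               # knows nothing about the tunnel
    "internet": [],
}
# Same topology with a static route for the tunnel network added on the LAN router.
FIXED = dict(BROKEN, lan_router=[("10.8.0.0/24", "pfsense"), ("0.0.0.0/0", "internet")])

if __name__ == "__main__":
    for name, tables in (("broken", BROKEN), ("fixed", FIXED)):
        fwd, ret = round_trip(tables, OWNER, "10.8.0.2", "192.168.1.10")
        print(name, "forward:", fwd, "return:", ret)
```

In the broken table the request arrives but the reply leaves through the LAN router's default route and never reaches the tunnel, which is the case a packet capture on each hop would reveal.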

  • Thanks, I'm going to check some of your suggestions. I'm sure I'll be back with more doubts...

  • @jimp

    Hi again!
    I have been checking some points like LAN router NAT and server configs, and through the packet capture on pfSense I've found this while capturing OpenVPN packets:
    15:01:08.596584 IP > tcp 0
    15:01:08.596607 IP > tcp 0
    15:01:08.596617 IP > ICMP redirect to host, length 72

    where it's a WAN connection over OpenVPN (my phone) and is the remote machine with RDP (WS2019), is the LAN router. Look at the TCP 0??? What does it mean?

    With the firewall always disabled to test connections and no AVs, and after 2 days testing several things, I've found 3 different scenarios:

    1. RDP from LAN to LAN works on any computer. (W10Pro and WS 2019)
    2. RDP from WAN to LAN works on a W10Pro but not on a WS2019 Datacenter with only Remote access (NO RDS) and the same IP or network as the W10Pro, directly on the default port 3389. Tested with a PC, the error reported is: "internal Error", and tested with my phone the error is: 0x4 or 0x104
    3. RDP from WAN to LAN over OpenVPN doesn't work on any computer at default port 3389, same errors.

    Note the different OS behavior!!

    WAN UDP4 / 1194
    Crypto: AES-256-GCM/SHA512
    D-H Params: 4096 bits OPEN VPN (tun3)
    IPv4 Tunnel Network

     WAN ::1/128 * * 500 WAN address *  Auto created rule for ISAKMP
     WAN ::1/128 * * * WAN address *  Auto created rule

    WAN TCP * * WAN address 3389 (MS RDP) 3389 (MS RDP) RDP

    IPv4 * * * * * * none OpenVPN OPEN VPN wizard

    IPv4 UDP * * 1194 (OpenVPN) * none OPEN VPN

    Any idea? Do you need some specific info?
    Thank you very much!!

