Netgate Discussion Forum
    LAN computers cannot access remote network nodes

      pgmillon

      Hi,
      I'm trying to connect a remote network to my home LAN using OpenVPN Client on pfSense.
      When I connect to the remote OpenVPN box using my laptop, I can ping all servers on the remote network.
      Same way: pfSense OpenVPN client is successfully connected and I can ping servers using Diagnosis -> Ping.
      But pfSense LAN clients (pfSense is the default gateway) cannot ping any remote servers.
      It may be a simple routing issue but I can't figure it out.
      Thanks for the help.

        Rico

        You did not give any detail about the configuration... sounds to me like you are running OpenVPN in the wrong Server mode.
        Remote Access (aka road warrior) = Endpoints like PC, notebook, smartphone and so on connecting to the VPN Server.
        Peer to Peer (aka Site to Site) = Connecting two (or more) routers with any network behind them together.

        -Rico

          pgmillon

          Hi,
          Sorry I forgot indeed. Here's what I have on the server:

          proto udp6
          port 1194
          
          dev tunudp1194
          
          keepalive 10 60
          persist-key
          persist-tun
          topology subnet
          
          verb 3
          
          # CERTS
          duplicate-cn
          key  /etc/openvpn/easy-rsa/keys/myvpn.key
          cert /etc/openvpn/easy-rsa/keys/myvpn.crt
          ca   /etc/openvpn/easy-rsa/keys/ca.crt
          dh   /etc/openvpn/easy-rsa/keys/dh2048.pem
          
          # hardening
          remote-cert-tls client
          tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
          crl-verify /etc/openvpn/easy-rsa/keys/crl.pem
          
          tls-version-min 1.2
          
          cipher AES-256-CBC
          auth SHA256
          
          reneg-sec 60
          server 10.x.y.z 255.255.255.0
          

          For now I'm using an image generated by scaleway: https://github.com/scaleway-community/scaleway-openvpn.
          The idea is to run OpenVPN in Remote Access since I don't want the remote site to connect back to the pfSense box.
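
An added example, not part of the thread or of the scaleway image: a small Python check of which server-side directives OpenVPN needs before it will route to a LAN behind a client (`route`, plus an `iroute` in a `client-config-dir` file). Without them the server only accepts traffic sourced from the client's tunnel address. The sample config is constructed from the post above; the tunnel subnet `10.8.0.0` and the client LAN `192.168.1.0/24` are assumptions.

```python
import ipaddress

# Constructed sample: routing-relevant lines of the server config posted above.
# 10.8.0.0 is a placeholder; the post redacts the real tunnel subnet.
SERVER_CONF = """\
proto udp6
dev tunudp1194
topology subnet
duplicate-cn
server 10.8.0.0 255.255.255.0
"""

def parse_directives(text):
    """Return (directive, args) pairs, skipping blanks and # or ; comments."""
    pairs = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        pairs.append((parts[0], parts[1:]))
    return pairs

def has_route(pairs, lan):
    """True if a server-side `route <net> <mask>` covers the client LAN."""
    for name, args in pairs:
        if name != "route" or len(args) < 2:
            continue
        try:
            net = ipaddress.ip_network(f"{args[0]}/{args[1]}")
        except ValueError:
            continue  # redacted or malformed address, cannot match
        if net.version == lan.version and lan.subnet_of(net):
            return True
    return False

def lan_routing_findings(conf_text, client_lan):
    """Report what stops the server from routing to a LAN behind a client."""
    lan = ipaddress.ip_network(client_lan)  # client_lan is an assumed value
    pairs = parse_directives(conf_text)
    names = {name for name, _ in pairs}
    findings = {}
    if not has_route(pairs, lan):
        findings["no-route"] = f"no 'route' covering {lan} on the server"
    if "client-config-dir" not in names:
        findings["no-ccd"] = "no 'client-config-dir', so no file can carry an 'iroute'"
    if "duplicate-cn" in names:
        findings["duplicate-cn"] = "'duplicate-cn' set; per-client files are keyed by common name"
    return findings
```

All three findings apply to the sample config, so as posted the server can only reply to the pfSense client's tunnel address, not to hosts on the LAN behind it.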
