Netgate Discussion Forum

    Lost ability to ping hosts on network

      DominikHoffmann

      I used to be able to ping hosts on the LAN hosting my OpenVPN server. I also used to be able to make VNC connections to hosts. Both time out now.

      What I can do is make ssh connections and then tunnel the VNC traffic through the ssh connection. But that’s not what I deployed OpenVPN for.

      Did something get messed up with the firewall rules? I have

      Screen Shot 2021-04-06 at 12.21.32 AM.png

      for LAN,

      Screen Shot 2021-04-06 at 12.23.29 AM.png

      for WIFILAN and

      Screen Shot 2021-04-06 at 12.21.48 AM.png

      for VPNTAP. Wouldn’t that be sufficient?

      For reference, here are my interfaces

      Screen Shot 2021-04-06 at 12.27.29 AM.jpg

        viragomann @DominikHoffmann

        @dominikhoffmann said in Lost ability to ping hosts on network:

        VPNTAP

        The network name lets me assume you're running the VPN in tap mode, right?

          DominikHoffmann @viragomann

          @viragomann: Yes, I am. Does that have any bearing on my issue?

            viragomann @DominikHoffmann

            @dominikhoffmann said in Lost ability to ping hosts on network:

            Yes, I am. Does that have any bearing on my issue?

            Don't know, but for me. I'm out here.

              DominikHoffmann

              I found the answer.

              About a month ago, I had made some changes to the LAN topology. LAN hosts connected through Wi-Fi are now in their own subnet (Interface WIFILAN 192.168.4.0/24). The problem is that my client assumed that 192.168.4.0/24 was local to the client, when it is local to the OpenVPN server.

              This option took care of it:

              Screen Shot 2021-04-06 at 11.03.52 PM.png

              I think this is the more secure way to run VPN clients.

              I will also give unchecking this again and adding

              push "route 192.168.3.1 255.255.255.0";mute 10;
              push "route 192.168.4.1 255.255.255.0";mute 10;
              

              to

              Screen Shot 2021-04-06 at 11.05.30 PM.png

              My guess is that that will accomplish the same thing but will preserve access to the client’s LAN.

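An added example, not part of the original posts and not pfSense or OpenVPN code: a small Python check over the custom-options text quoted in the post above. It normalizes each pushed route to its network, flags routes written with host bits set, and flags routes that overlap a LAN on the client side, which is the "which side is local" ambiguity the post describes. The client LAN list is a constructed sample, and the function names are hypothetical.

```python
import ipaddress
import re

# Custom-options text as quoted in the post above (semicolon-separated).
CUSTOM_OPTIONS = (
    'push "route 192.168.3.1 255.255.255.0";mute 10;'
    'push "route 192.168.4.1 255.255.255.0";mute 10;'
)

# Matches: push "route <address> <netmask>"
PUSH_ROUTE = re.compile(r'push\s+"route\s+([\d.]+)\s+([\d.]+)"')


def pushed_routes(options):
    """Return [(network, host_bits_set)] for each push "route ..." directive."""
    routes = []
    for addr, mask in PUSH_ROUTE.findall(options):
        iface = ipaddress.ip_interface(f"{addr}/{mask}")
        host_bits_set = iface.ip != iface.network.network_address
        routes.append((iface.network, host_bits_set))
    return routes


def audit(options, client_lans):
    """Flag pushed routes that are not network-aligned or overlap a client LAN."""
    lans = [ipaddress.ip_network(n) for n in client_lans]
    findings = []
    for net, host_bits_set in pushed_routes(options):
        if host_bits_set:
            findings.append(
                f"{net}: written with host bits set; "
                f"network address is {net.network_address}"
            )
        for lan in lans:
            if net.overlaps(lan):
                findings.append(
                    f"{net}: overlaps client LAN {lan}; "
                    "client may treat this subnet as local"
                )
    return findings


if __name__ == "__main__":
    # Constructed sample: a client sitting on a network that reuses 192.168.4.0/24.
    for line in audit(CUSTOM_OPTIONS, ["192.168.4.0/24", "10.0.0.0/24"]):
        print(line)
```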
                DominikHoffmann @DominikHoffmann

                @dominikhoffmann said in Lost ability to ping hosts on network:

                My guess is that that will accomplish the same thing but will preserve access to the client’s LAN.

                Sure enough!

                  DominikHoffmann @DominikHoffmann

                  Maybe this is the best way to solve the issue:

                  Screen Shot 2021-04-06 at 11.18.36 PM.png

                  Are there any opinions out there, as to which approach is best?
