Telnet to host via VPN not working
-
Hi,
I have inherited a pfsense and am having an issue doing a telnet from a vpn client to a host on the network.
VPN works and connects to openvpn (ip assigned 10.6.194.3)
Interfaces On PFS :
-WAN - x.x.x.x- LAN - 10.6.1.1/24
- IND - 192.168.250.1/24
VPN - 10.6.194.0/24
192.168.250.8 = industrial PLC
192.168.250.100 (windows 10)From 192.168.250.100 I can ping to 192.168.250.1 & 192.168.250.8
From 192.168.250.100 I can telnet to 192.168.250.8From vpn client (10.6.194.3) I can ping 192.168.250.1 and 192.168.250.100 but not 192.168.250.8.
From vpn client I cannot telnet to 192.168.250.8
It seems like the vpn is not allowing icmp or telnet to route.Firewall rules on IND:
- ipv4 any to any
Firewall rules on OPENVPN: - ipv4 any to any
pftop shows the icmp or telnet(tcp)
icmp - in 10.6.194.3:1 - 192.168.250.8 (state)0:0 (packets and bytes show increasing numbers as time goes on))Any thoughts?
-
@graeme-thomas said in Telnet to host via VPN not working:
Any thoughts?
Client Firewall blocking?
-Rico
-
@rico - hi, firewall is off on client
-
192.168.250.8 is using pfSense as its gateway?
-Rico
-
@rico it's an industrial plc so will need to find out from the supplier.
-
192.168.250.8 can't route the traffic back to 10.6.194.0/24 without pfSense as gateway.
-Rico
-
@graeme-thomas said in Telnet to host via VPN not working:
It seems like the vpn is not allowing icmp or telnet to route.
Use Packet Capture or Wireshark to see how far the packets are getting and whether you're getting a response. For example, you could run Packet Capture on the pfsense end of the VPN to see if the packets get that far. However, I can assure you that OpenVPN passes pings as I have done that many times. If your pings aren't getting through, then you likely have some rule issue.