Information about OpenVPN and pfSense
-
Please, be warned I am a newbie in VPN config.
So, I was wondering.
I have a OpenVPN setup in my pfSense instance and can connect to the LAN perfectly from the outside. The thing is that I can't connect to the VPN from within said LAN, so I ask: is this the intended way of things working or can I change anything is the pfSense config to allow connection to the LAN within the LAN(even though it's redundant)? -
Hi there,
what is your intention by trying to reach your openVPN (running on your local pfsense machine) from your LAN (which is right behind your local pfsense machine)?In general, source network should have a different IP adressroom (sorry for my english, dude) as target.
-
@leao-adilson said in Information about OpenVPN and pfSense:
The thing is that I can't connect to the VPN from within said LAN
See it like this :
From every railway station in the US you can take a train to New York (the city), Central station.
A train could take you directly, or you need to take several trains one after another, but you will get their. I guess we say there is a correspondence.Now, imagine this situation : you are at central Station, New York (the city).
You approach the help disk, and ask this question :How do I get to New York central station ?
Please film this, as the scene will be epic.
When you connect yourself into your LAN, using Wifi or cable, your device becomes member of that network, and can contact all the other devices on the same LAN.
And it even gets better : without the need of pfSense. You could remove the cable from your pfSense **.Example : when I'm @work, I can use an app in my phone to watch the 16 video cameras. The device, a DVR, has 192.168.1.10, which is the IPv4 of our DVR. My pHone will have another 192.168.1.x IP.
When I'm @home, or where ever else on planet earth, I have to activate my VPN-to-Work app first. This will build a connection to our @work pfSense.
Then I launch my Camera App, and it connects just fine to our DVR "like as I was @work". The VPN secures the connection. No need to switch IP addresses, or activate NAT rules on pfSense.
Keep in mind :
When I'm @work, I can connect to the company's LAN using APs that give me access to that LAN - our 192.168.1.0/24
When I VPN into work, I connect via 192.168.3.0/24, the VPN tunnel network. But a firewall rule on the OpenVPN interface permits me to connects to other 'LAN' 192.168.1.0/24 so I can access the DVR.** that is, you probably still need pfSense to deal with the DHCP part of the connection.