Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I want some traffic from my remote vpn locations to access their local network.

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 507 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      Waffelen
      last edited by

      Hi,

      I have pfsense running at my main base with openvpn and the clients from different remote loactions access the main base via the openvpn tool created with the client export tool at the main base and then installed on the remote systems.

      The remote systems are all accessing the data stored at the main base fine but they cannot access the resources on their local network. I tired using the tutorial from Lawrence Systems on youtube (this guy is great, I have used loads of his tutorials for psfense and TrueNAS) for "split tunnel routing" (seen here - https://www.youtube.com/watch?v=XHtwVJt4AKo&list=PLjGQNuuUzvmsuXCoj6g6vm1N-ZeLJso6o&index=5&ab_channel=LawrenceSystems) but to no avail.

      Is this the correct way to go about this? I only have 1 local ip address I want them to be able to access that doesnt go throught the VPN tunnel (possibly 1 or 2 more in future). They do not not have a pfsense router their end only a normal BT hub but I hope to change this in the future.

      Any guidence much appreciated. Thanks.

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by Rico

        Make sure you have the options Redirect IPv4 Gateway and Redirect IPv6 Gateway unchecked in the OpenVPN server configuration and your Client config files do not contain something like push "redirect-gateway def1"

        -Rico

        1 Reply Last reply Reply Quote 0
        • W
          Waffelen
          last edited by

          Thanks Rico. Those are definitely unchecked on the pfsense router in the main base and I will check the remote locations myself as I will be there on Monday.

          So the video should be correct and this is the best way to go about it?

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @Waffelen
            last edited by

            @Waffelen
            Yes, the video is correct for his intentions. But is it also fine for yours? We don't know, since we know nothing about your network and these of your clients.

            Basically it's good advice to not use usual default subnets like 192.168.1.0/24 or 192.168.0.0/24, etc. on an VPN access server. If connected client have the same they will have troubles to access some IPs.

            And you should keep the "Local Networks" in the server settings as small as really necessary.

            W 1 Reply Last reply Reply Quote 0
            • W
              Waffelen @viragomann
              last edited by

              @viragomann

              What would you like to know about them?

              No vpn server subnat aint the default 192.168.1.0/24 or 192.168.0.0/24.

              As often as humany possible.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.