Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot Ping Internal LAN - OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 596 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jbcortezf
      last edited by

      Hello All!

      I just created a pfsense server inside Oracle Cloud (OCI) with just the WAN Network card (that has Public and Private address together).

      PS: I don't know what heck is not possible to me to add a second VNIC to be the LAN Network (I can add of course the vnic on Oracle oci, the question is that Pfsense just stops working - I lost connection with the UI).. anyway.. I kept with just the WAN Network.

      To the setup:

      My OCI Private LAN Address is 10.0.0.0/16.

      My OCI Pfsense Server has just one vNIC with the Public IP (xxx.xxx.xxx.xxx) and the Private Address 10.0.0.60.

      I have an Oracle DB Server inside this Private Network (same compartment and VPC) with the IP Address 10.0.0.215.

      From my PFsense OCI Server I can ping this Oracle DB Server on IP 10.0.0.215.

      Great :)

      Now the problem:

      I did created in this Pfsense inside Oracle Oci an OpenVPN Server (Peer-to-Peer) and Established connection between my house (my home pfsense) with Oracle Oci. - OK

      From my PC (my internal home network) I can ping the private IP of my Pfsense OCI server (10.0.0.60) but cannot ping the Oracle Server (10.0.0.215).

      Also, from Pfsense on OCI I can ping my home pfsense IP (192.168.1.1) but cannot ping my PC IP - 192.168.1.103.

      It's obviuos there's some link missing that needs to be add, some firewall rule or routing or anything else that I'm not that guy on networking and I'm lacking skills :D.

      Can some of you help me with that? it should be something easy for an experienced Pfsense Professional :(

      Thanks so much!!

      V J 2 Replies Last reply Reply Quote 0
      • V
        viragomann @jbcortezf
        last edited by

        @jbcortezf
        Is pfSense the default gateway in OCI?

        Do you have entered 10.0.0.0/16 at "local networks" in the OpenVPN server settings?

        Does OCI allow access from your home (security group)?

        Does the DB server accept connections from outside by its firewall?

        For accessing your home PC, you need to create a CSO on the OpenVPN server. Further more your PC might block access from outside by its firewall.

        J 1 Reply Last reply Reply Quote 0
        • J
          jbcortezf @viragomann
          last edited by

          @viragomann Hi!! thanks for helping!

          No, my default gateway is 10.0.0.1. I did tried to move it to my Pfsense IP but it crashes and I had to turn it back configuration to standard 10.0.0.1. I also did add one more gateway to 10.0.0.60 also freezes.

          All the rest, connections, security groups and so on are very well setup and pinging each other. The question is coming outside :/

          V 1 Reply Last reply Reply Quote 0
          • J
            jbcortezf @jbcortezf
            last edited by

            @viragomann

            Do you have entered 10.0.0.0/16 at "local networks" in the OpenVPN server settings? Yes

            Does OCI allow access from your home (security group)? Yes

            Does the DB server accept connections from outside by its firewall? Yes

            For accessing your home PC, you need to create a CSO on the OpenVPN server. Further more your PC might block access from outside by its firewall. - What is a CSO?

            1 Reply Last reply Reply Quote 0
            • V
              viragomann @jbcortezf
              last edited by

              @jbcortezf
              The machines will send responses to their default gateway. If this is not pfSense you have to route the home network to pfSense.
              As a workaround you can add an outbound NAT rule on pfSense for masquerading, if the VPN is for your private purposes.

              What is a CSO?

              VPN > OpenVPN > Client Specific Override

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.