Local network is not reachable through the vpn-tunnel

l084

Hi,
I am new hear and hope that somebody had the same problems and can help me, so thanks for answers and here is the problem:

I have configured my pfsense as openvpn server and my ubuntu notebook as client.
The vpn - tunnel seems to be ok because the logs say that "Initialization Sequence Completed".
But then I can't reach the "Local network" (it is written in the pfsense openvpn server configuration).
A think my routing tabelle isn't ok but how can I fix it?

Here the routing tabelle:

Ziel            Router          Genmask        Flags Metric Ref    Use Iface
192.168.2.1    192.168.2.5    255.255.255.255 UGH  0      0        0 tun0
192.168.2.5    *                  255.255.255.255 UH    0      0        0 tun0
192.168.1.0    192.168.2.5    255.255.255.0  UG    0      0        0 tun0
192.168.1.0    *                  255.255.255.0  U    2      0        0 wlan0
192.168.122.0  *                  255.255.255.0  U    0      0        0 virbr0
link-local      *                      255.255.0.0    U    1000  0        0 wlan0
default        192.168.1.1        0.0.0.0        UG    0      0        0 wlan0

Is the default route ok? And if not how can I fix it?

Thank you for your answers,
l084

jimp

Without a lot more information about how your network is numbered, and how the OpenVPN server is setup, it's impossible to speculate what the problem may be.

l084

Wich imformation do you need?

Here are some which I hope should be useful:

My network where the client stands has 192.168.1.0/24
The Address pool the openvpn server is using is 192.168.2.0/24
The local network where the client should be able to access is 192.168.1.0/24 (It's not the one the client stands)

Like I said on top just tell me which information are needed.

Thanks for help.

jimp

There's your problem. It will never route over the OpenVPN tunnel because the subnets overlap.

Renumber one or both of the LANs so they are not the same, and it would work.

l084

Is there another possible solution, because I can change one of the subnets, but I can't assure that the client won't get in a subnet that is the same again?
How assure other openvpn user that something like that doesn't happen?

Thanks for your answer before and I hope you can get me a hint in this question again.

jimp

There is no way to guarantee that it won't happen again.

That is why when you design a network you should avoid using the most common networks (192.168.0.x, 192.168.1.x, 192.168.2.x, 10.0.0.x, 10.0.1.x, etc) and instead use something with less common numbering.

There will probably be numerous home networks, hotels, coffee shops, etc that would use 192.168.1.x and you would always have trouble connecting from those locations, it doesn't matter what type of VPN you use.

l084

Thanks for the answer. That helps me a lot. I will go and recreate my local network.
It's a very good forum and keep it up.

Greetings l084