Clients connected to VPN cannot access DMZ

  • Hi there

    I have a simple WAN, LAN, DMZ setup up and running.
    In the DMZ, there is a VPN (L2TP) server up and running (no, I don't use the built-in VPN service from pfSense for various reasons).
    External clients are able to establish a VPN connection; this works fine. The VPN server assigns IPs from the LAN subnet.
    The problem is that the users cannot access a server in the DMZ; this is blocked by the default deny rule:

    | If (interface) | Source | Destination | Proto |
    |----------------|--------|-------------|-------|
    | DMZ            |        |             | TCP:S |

    I thought about various problems:

    • The VPN server assigning LAN IPs
    • Missing firewall rules on the DMZ interface

    Does anybody have a hint?

  • Some other ideas

    • The VPN server should assign IPs from a new subnet that does not exist yet (maybe I'll have to find out what virtual IPs are on pfSense)
    • Maybe outbound NAT will help?

    Any ideas?
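    As an added illustration (not part of the original post and not the poster's configuration), the following shows what the two suspicions above look like in pf.conf syntax, which is what pfSense generates from its GUI rules. The interface name `em2`, the VPN client pool `10.99.0.0/24`, the L2TP server address `192.168.2.5`, the DMZ server address `192.168.2.10` and the port list are all assumptions chosen for the example.

```pf
# Added example in pf.conf syntax. Interface names and addresses are assumed
# for illustration; they are not taken from the post.
dmz_if      = "em2"              # pfSense DMZ interface (assumed name)
vpn_server  = "192.168.2.5"      # L2TP server sitting in the DMZ (assumed)
dmz_server  = "192.168.2.10"     # DMZ host the VPN users need to reach (assumed)
vpn_clients = "10.99.0.0/24"     # dedicated pool handed out by the L2TP server,
                                 # instead of addresses from the LAN subnet

# Default policy (simplified from pfSense's own "Default deny rule"): anything
# arriving on an interface with no matching pass rule is dropped and logged.
block in log all

# Before: there is no pass rule on the DMZ interface, so a SYN from a VPN
# client that reaches pfSense via the DMZ is logged as "DMZ ... TCP:S" blocked,
# which is the log line quoted in the post.

# After: pass traffic from the VPN client pool to the DMZ server.
# In the GUI this is a rule on the DMZ tab; "flags S/SA" is the default TCP
# flag match that pfSense shows as "TCP:S" in its log.
pass in quick on $dmz_if inet proto tcp from $vpn_clients to $dmz_server \
    port { 22 80 443 } flags S/SA keep state

# Return path: if the DMZ server's replies go through pfSense, pfSense needs a
# route for $vpn_clients pointing at $vpn_server on the DMZ interface (a static
# route in System > Routing). Client addresses taken from the LAN subnet would
# instead be routed out the LAN interface, where the VPN clients do not exist.
```

    The pass rule only allows the listed ports from the VPN pool to that single host; widen `port` or `to` as needed rather than passing `any` from the DMZ.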

