Internal network <- OVPN Server <- pfSense as client <- XP machine
-
Hello everybody,
I am using pfSense with newest firmware as an OpenVPN client and want do access the internal network from an xp machine.Consider the following setup:
Windows server with shares (IP: 192.168.0.100)
OpenVPN server (IP: 192.168.0.41, 192.168.2.1 -> 192.168.2.2)
pfSense (WAN 192.168.8.103, GW 192.168.8.1)
pfSense (LAN 192.168.1.1)
pfSense (OpenVPN 192.168.2.6 -> 192.168.2.5)
XP machine connected to pfSense LAN 192.168.1.102With the OpenVPN application on the xp machine, it is no problem to connect to the server and reach the internal windows server (192.168.0.100) where the application assigns 192.168.2.6 to the virtual interface. Ping to 192.168.0.100 is possible.
If I use the pfSense as client, it connects to the server 192.168.0.41 and everything seems to be ok. The pfSense can reach the windows server 192.168.0.100 via ping.
If I now want to reach the windows server shares from an attached client (attached on the LAN port with IP 192.168.1.102) this is not possible. I can not even ping the windows server but the VPN server is reachable via ssh and ping.
The VPN server can reach the attached client (attached on the LAN port of the pfSense) via ping without problems.
This means one way works but the other way does not work:
192.168.0.41 -> 192.168.1.102 OK
192.168.1.102 -> 192.168.0.41 OK
192.168.1.102 -> 192.168.0.100 FAILED
192.168.1.1 -> 192.168.0.100 OKThe output of a tracert command from the XP machine is:
tracert 192.168.0.100192.168.1.1 -> 192.168.2.1 and then further hops fail with *
All firewall settings are set to let the traffic through.
Any suggestions what the problem is? Is this a routing problem?
I am looking forward to hear from you ;)
Best regards,
ptec
-
solved, it was a routing problem on the windos server
just added a route to the 192.168.9.0 network and now it works fine