    New install, same settings as old box.. not working

    OpenVPN
    • luke240778

      I have just installed a fresh 2.0-RELEASE. Created the OpenVPN certificates and everything the same as I did before. I can connect to the VPN and remotely control my pfSense box via WebConfigurator, but I am unable to connect to any of my servers or routers that are on the LAN interface.

      Box has 2 NICs: WAN and LAN.

      LAN IP is 10.0.0.99.
      WAN IP is 189.53.100.10

      In the OpenVPN server settings it has assigned an IP of 10.0.8.0/24 and the Local Network IP range is my LAN: 10.0.0.0/18. Once I connect to the OpenVPN server from my laptop at home, I can get to 10.0.0.99 but I am unable to get to any of my other machines on the same network, such as 10.0.0.6 or 10.0.0.25.

      This worked in my previous install (previous install LAN was 192.168.5.0/24). How have I got it wrong this time?

      • marvosa

        Subnetting 101… your tunnel network 10.0.8.0/24 falls inside of your 10.0.0.0/18 LAN scope and is messing with your routing.

        Change your OpenVPN tunnel network to something outside of your LAN scope (or vice versa). Personally, I would keep it simple and change your LAN to 10.0.0.0/24 or 192.168.50.0/24, etc... there are thousands of combinations, just make sure it's NOT on the same network as your tunnel.

        Why the /18 mask anyway?  Do you REALLY need 16,000+ LAN IPs?  LOL!

        • luke240778

          I have already changed the tunnel network to 192.168.0.0/24 and still have the same issue.

          I will be needing around 8000 IPs hopefully soon, so I am just setting it up now for the future basically.

          Why? Is there a problem with having a /18 netmask?

          • johnpoz (LAYER 8 Global Moderator)

            Are you going to subnet that out downstream or something - yeah I could see quite a few problems with putting 8000 some clients on the same broadcast domain ;)  BTW /18 is what 16382 hosts – quite a bit more than 8000.

            And to be honest 192.168.0.0/24 would be a really bad choice for your tunnel network, since 192.168.0.0/24 is a VERY common IP range, so you're prob going to conflict with the remote network's local LAN space.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05
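
Added example, not part of any post in this thread: the two address-plan checks raised in the replies above (tunnel network inside the LAN scope, tunnel network colliding with a common client-side LAN) written with Python's `ipaddress` module, run against the networks quoted in the thread. The `COMMON_REMOTE_LANS` list, the 172.16.0.0/12 candidate pool and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: constructed list of ranges that home routers commonly use;
# extend it to match the networks your VPN users actually connect from.
COMMON_REMOTE_LANS = ["192.168.0.0/24", "192.168.1.0/24", "10.0.0.0/24"]


def check_plan(tunnel, local_networks, remote_lans=COMMON_REMOTE_LANS):
    """Return a list of conflicts for an OpenVPN tunnel/local network plan."""
    tun = ipaddress.ip_network(tunnel)
    problems = []
    for net in map(ipaddress.ip_network, local_networks):
        if tun.overlaps(net):
            problems.append(f"tunnel {tun} overlaps local network {net}")
    for net in map(ipaddress.ip_network, remote_lans):
        if tun.overlaps(net):
            problems.append(f"tunnel {tun} overlaps common client-side LAN {net}")
    return problems


def usable_hosts(network):
    """Usable IPv4 hosts in a subnet up to /30 (network and broadcast excluded)."""
    return ipaddress.ip_network(network).num_addresses - 2


def pick_tunnel(local_networks, pool="172.16.0.0/12", prefix=24):
    """Return the first /prefix in `pool` (assumed candidate range) with no conflict."""
    for candidate in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not check_plan(str(candidate), local_networks):
            return str(candidate)
    return None


if __name__ == "__main__":
    lan = ["10.0.0.0/18"]  # LAN from the first post
    for tunnel in ("10.0.8.0/24", "192.168.0.0/24"):  # both tunnels tried in the thread
        print(tunnel, "->", check_plan(tunnel, lan) or "no conflict")
    print("usable hosts in", lan[0], "=", usable_hosts(lan[0]))
    print("suggested tunnel:", pick_tunnel(lan))
```

A clean result only rules out an addressing conflict; it does not show that routes and firewall rules for the LAN are in place.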
