New install, same settings as old box.. not working
-
I have just installed a fresh 2.0-RELEASE. Created the OpenVPN certificates and everythign the same same as i did before.. I can connect to the VPN and remtely control my pfsense box via WebConfigurator.. but i am unable to connect to any of my servers or routers that are on the LAN interface..
Box has 2 NIC's. WAN and LAN
LAN ip is 10.0.0.99.
WAN ip is 189.53.100.10Inthe OpenVPN server settings it has assigned an ip of 10.0.8.0/24 adn my the Local Network IP range is my LAN: 10.0.0.0/18. One i connect to the OpenVPN server from my laptop at home, i can get to 10.0.0.99 but i am unable to get to any of my other machines on the same network.. such as 10.0.0.6, or 10.0.0.25.
This worked in my previous install (previous install LAN was 192.168.5.0/24).. how have i got it wrong this time?
-
Subnetting 101… your tunnel network 10.0.8.0/24 falls inside of your 10.0.0.0/18 Lan scope and is messing with your routing.
Change your OpenVPN tunnel network to something outside of your LAN scope (or vice versa). Personally, I would keep it simple and change your LAN to 10.0.0.0/24 or 192.168.50.0/24, etc... there are thousands of combinations, just make sure its NOT on the same network as your tunnel.
Why the /18 mask anyway? Do you REALLY need 16,000+ LAN IP's? LOL!
-
i have already changed the tunnel network to 192.168.0.0/24 and still have the same issue.
I will be needing around 8000 ip's hopefully soon so i am just setting it up now for the future basically.
Why? is there a problem with having a /18 netmask?
-
Are you going to subnet that out downstream or something - yeah I could see quite a few problems with putting 8000 some clients on the same broadcast domain ;) BTW /18 is what 16382 hosts – quite a bit more than 8000.
And to be honest 192.168.0.0/24 would be a really bad choice for your tunnel network, since 192.168.0.0/24 is a VERY common IP range, so you prob going to conflict with the remote networks local lan space.
