Can't ping LAN on Server side from OpenVPN Client
-
Hi,
My problem is that i can't access to my LAN from the OpenVPN client. I can only access my pfsense router.
I use OpenVPN server in "Force all client generated traffic through the tunnel" mode and push the route to the LAN in advanced configuration.
Even if i use access Local Network checkbox, the problem is still same.
I think the problem is in Firewall settings or routing
Interfaces : 1 WAN 1 LAN OPT1 OPT2
PfSense act also as a WiFi via OPT1OpenVPN Conf file :
dev ovpns1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 1.2.3.4
tls-server
server 192.168.2.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc
username-as-common-name
auth-user-pass-verify /var/etc/openvpn/server1.php via-env
lport 1194
management /var/etc/openvpn/server1.sock unix
max-clients 5
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
push "dhcp-option NTP 1.2.3.4"
push "redirect-gateway def1"
client-to-client
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /etc/dh-parameters.1024
tls-auth /var/etc/openvpn/server1.tls-auth 0
comp-lzo
persist-remote-ip
float
push "route 192.168.1.0 255.255.255.0"PfSense version 2.0
PfSense IP :192.168.1.1
LAN NETWORK :192.168.1.100 - 200
VPN NETWORK :192.168.2.0Please help me !!!
-
Did you add allow rule in OpenVpn page in firewall rules?
-
When you say you can access the pfSense firewall, which IP are you using? The OpenVPN IP? Or the LAN IP?
If your client is missing the route (for example if it's a Windows Vista/7 client that did not run as Administrator) then it couldn't get to the LAN subnet.
But if it can reach the LAN IP but not farther in, that would suggest that it gets blocked internally, or that the system you are trying to reach does not use the pfSense firewall as its default gateway.
-
or that the system you are trying to reach does not use the pfSense firewall as its default gateway
Thank you so much. Sometimes things are so simple that it is almost impossible to spot them. I was trying to connect to the LAN over my OpenVPN connection for hours and couldn't figure out what I did wrong as all routing tables where correct.
I am currently in the process of changing my firewalls to pfsense and also configure an new broadband connection. I completely forget that all my servers were still configured with the old gateway ip.Thanks again.
