Site to lan



  • Hi, I'm a beginner with pfSense.

    I have a problem with OpenVPN and "site to LAN" access.

    OpenVPN works correctly, and from my client with the VPN running I can ping the LAN IP address of the pfSense server. I can't ping the IP of another server that is on the same private network. I see in the firewall log the record with the PASS action. I presume that is OK. Is there another parameter to configure? Do I need to enable IP routing or similar?

    Thanks, Cesare


  • Rebel Alliance Developer Netgate

    If the firewall passes it, the firewall may be doing all it can do. If it comes in from the client, leaves the LAN going to your local network, and then it doesn't come back, it would be a problem on whatever you're sending it to.

    Make sure that whatever you're trying to reach is using pfSense as its default gateway, and that there isn't a local firewall on the target device/server that would be blocking that traffic.

    Some packet captures might help track down where it's going or not going.



  • Post your configs.  I'd be willing to bet you either are not pushing the correct routes to your clients or you haven't disabled the software firewalls on your clients.



  • I solved it; it was a route problem. I set the LAN IP of the pfSense server as the default gateway. But now the problem is that the server cannot reach the public network. I've set the LAN IP of pfSense as the default gateway and as the DNS server. DNS works. In an SSH console on pfSense with tcpdump I see the request from the server to the external IP but don't see the response.

    Do you have any idea?

    Thank you very much

    Cesare



  • So, still no details?  It sounds more like you made a random change and traded one issue for another.

    Manually changing the default gateway on the client is not the solution.

    Please give more details so we can help you troubleshoot.



  • Sorry I explained badly.

    The problem was the default gateway of the server (192.168.20.2), which is on the same LAN network interface (192.168.20.1) as the pfSense server. The default gateway was another address; now it is 192.168.20.1. Now the client that connects to pfSense through OpenVPN can see the server (192.168.20.2).

    Now the problem is the inverse: the server 192.168.20.2, which has the private address of the pfSense server (192.168.20.1) as its default gateway, can't ping addresses outside the pfSense server.

    How do I retrieve the configuration to be put on the forum?

    Thanks, Cesare
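
Added example, not part of the thread: a longest-prefix-match lookup over the LAN server's routing table, showing why its reply to a VPN client only reaches pfSense when the default gateway or a static route points there. The tunnel network 10.8.0.0/24, the client 10.8.0.6 and the previous gateway 192.168.20.254 are constructed values; the thread does not give them.

```python
import ipaddress

PFSENSE_LAN = "192.168.20.1"    # from the thread
OTHER_GW = "192.168.20.254"     # constructed: the server's previous default gateway
VPN_NET = "10.8.0.0/24"         # constructed: tunnel network is not stated in the thread
VPN_CLIENT = "10.8.0.6"         # constructed: an address inside VPN_NET
LAN = "192.168.20.0/24"

def next_hop(routes, dst):
    """Longest-prefix match. Returns the gateway IP, or None when dst is on-link."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]

def reply_path_ok(routes, client=VPN_CLIENT):
    """True when the server hands its reply to the VPN client to pfSense."""
    return next_hop(routes, client) == PFSENSE_LAN

# Routing tables of the server 192.168.20.2 as (prefix, gateway); None = on-link.
BEFORE = [(LAN, None), ("0.0.0.0/0", OTHER_GW)]
# What the thread ended up with: default gateway changed to pfSense.
DEFAULT_VIA_PFSENSE = [(LAN, None), ("0.0.0.0/0", PFSENSE_LAN)]
# Generalization beyond the thread: keep the old default gateway and add
# one static route for the tunnel network only.
STATIC_ROUTE = [(LAN, None), ("0.0.0.0/0", OTHER_GW), (VPN_NET, PFSENSE_LAN)]

if __name__ == "__main__":
    tables = [("before", BEFORE),
              ("default via pfSense", DEFAULT_VIA_PFSENSE),
              ("static route for tunnel", STATIC_ROUTE)]
    for name, table in tables:
        hop = next_hop(table, VPN_CLIENT)
        verdict = "reply reaches pfSense" if reply_path_ok(table) else "reply goes elsewhere"
        print(f"{name:24} next hop for {VPN_CLIENT}: {hop} ({verdict})")
```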

