What i need to let mi OpenVPN clients access OpenVPN Server Clients?



  • Hi people.

    Ok i have 1 OpenVPN server at work with one Linux box(no pfsense), at home i have 1 pfsense that let me access Intenet using PPPoE, i setup my home box to access my clients at work with OpenVPN, the connection was successfully, my gateway at home can access any client at work, but my clients at home cannot access any client from my work  :-.

    Work                                          Home
        OpenVPN Server(tun0)              OpenVPN Client(tun0)

    Home :
    Lan –- 192.168.10.X/24  Gateway  192.168.10.1  WAN PPPoE ng0  OpenVPN Client setup working tun0

    Work:

    Lan --- 10.8.0.X/32    Gateway 10.8.0.9        tun0
                10.8.0.9          Gateway 10.8.0.10      tun0
    192.168.1.X                Gateway 10.8.0.9        tun0
    192.168.2.X              Gateway 10.8.0.9        tun0
    192.168.3.X                Gateway 10.8.0.9      tun0

    What i need to do at my home firewall to let my clients behind my firewall access my clients at work over OpenVPN ??? I need some rules or something else  ??? They can only ping 10.8.0.10.

    I had read the post but i still don't get it  :-, thanks all for your time!!!

    P.S. Pfsense 1.0.1, i was trying to setup some rules for this, but i didn't see any tun interface?



  • how looks your config file on serverside? how on client side?

    did you configure your router at work so it knows that the 192.168.10.x subnet is behind the vpn tunnel?
    also i'm confused about:

    Lan –- 10.8.0.X/32    Gateway 10.8.0.9        tun0
                10.8.0.9          Gateway 10.8.0.10      tun0

    –> subnet /32 ?

    you cannot configure Firewall Rules atm.

    do you have in your Serverconfig something that looks like? :
    push "route 10.8.0.0 255.255.255.0" ( pushing route to work to your PfSense)



  • Hi GruensFroeschli.

    Yes the option:

    push "route 10.8.0.0 255.255.255.0"

    Did the trick.

    I will check my settings, right now we are testing, thanks for your right answer  ;D!!!


Log in to reply