OpenVPN connection NO access to LAN network



  • Hi guys, I have read almost all of the threads in the forum but still can't get where I'm making a mistake with the setup of the VPN connection…
    I have a deadline to meet and I was wondering if anyone could help me out.

    The setup I have is a pfSense box; connected to the LAN port is an Ubuntu server. The WAN port is connected straight to the internet.

    I have tried the RoadWarrior example and I get a connection through the VPN and can access the pfSense webConfigurator.
    But when I try to SSH the server on the LAN I get a message that tells me that the host is unreachable.

    My LAN IP is the default 192.168.1.1
    I have given the server a static IP which is 192.168.1.2
    My WAN IP is static and I entered 2 DNS servers provided from my internet provider.

    My VPN configuration is as follows:
    WAN, UDP, 1194, TLS checked, TLS key checked,
    Tunnel Network:  192.168.200.0/24
    Local Network: 192.168.1.0/24
    Concurrent Connections: 2
    LZO checked
    And takes on default settings after that point!

    Please tell me what I have to do from this point on, so that I can SSH the server from a VPN client on another network.

    thanks in advance!



  • from remote:
    are you able to ping 192.168.200.1?
    are you sure the firewall rules on the pfsense don't block?
    are you able to ping 192.168.1.1 but not 192.168.1.2?

    on ubuntu:
    did you set the gateway to 192.168.0.1 when setting the static ip of 192.168.0.2? Without the pfsense set as default gateway on the ubuntu, routing will fail.
    to check, log in as root and type 'route' … it should output all configured routes. the "default" one should point to the pfsense

    kind regards



  • thank you for the reply!

    from remote:

    I am able to ping 192.168.200.1 but not 192.168.200.2. When I ssh 192.168.200.1 I get my pfSense. When I try to ssh 192.168.200.2 I get host is unreachable.

    I have the default firewall rules created by the OpenVPN wizard. The outbound NAT rules are set to auto. Do I need to modify the Firewall or NAT in some way?

    on ubuntu:

    the default gateway is pfsense. the output of 'route' is:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         pfSense.localdo 0.0.0.0         UG    100    0        0 eth0
    link-local      *               255.255.0.0     U     1000   0        0 eth0
    172.16.22.0     *               255.255.255.0   U     0      0        0 vmnet8
    172.16.135.0    *               255.255.255.0   U     0      0        0 vmnet1
    192.168.1.0     *               255.255.255.0   U     0      0        0 eth0

    Do I need to make any adjustments to the routing table?

    thanks again!!
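
The return-path check discussed in the two posts above, as an added example that is not part of any post in this thread: it parses a routing table and confirms that replies to the tunnel network 192.168.200.0/24 leave the LAN host via the pfSense. It assumes the numeric `route -n` output form; the sample table is constructed from the one posted, with the pfSense LAN address 192.168.1.1 written in as gateway, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the thread's routing table in `route -n` (numeric) form.
# Assumption: the default gateway resolves to the pfSense LAN IP 192.168.1.1.
SAMPLE_ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
172.16.22.0     0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
172.16.135.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
"""

def parse_routes(text):
    """Return (network, gateway, metric, iface) tuples from `route -n` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or not f[0][0].isdigit():
            continue  # skip the two header lines and anything malformed
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        routes.append((net, ipaddress.ip_address(f[1]), int(f[4]), f[7]))
    return routes

def next_hop(routes, dest):
    """Longest-prefix match, lowest metric as tie-break; None if nothing matches."""
    dest = ipaddress.ip_address(dest)
    matches = [r for r in routes if dest in r[0]]
    if not matches:
        return None
    _net, gw, _metric, iface = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    # A gateway of 0.0.0.0 means the destination is on-link (no router involved).
    return ("on-link" if gw.is_unspecified else str(gw), iface)

def replies_return_via(routes, tunnel_net, expected_gw):
    """True if the first and last host of tunnel_net are both routed to expected_gw."""
    net = ipaddress.ip_network(tunnel_net)
    probes = (net.network_address + 1, net.broadcast_address - 1)
    hops = [next_hop(routes, p) for p in probes]
    return all(h is not None and h[0] == expected_gw for h in hops)

if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTE_N)
    print(next_hop(table, "192.168.200.6"))
    print(replies_return_via(table, "192.168.200.0/24", "192.168.1.1"))
```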



  • as far as i know you don't need to change any NAT rules …. perhaps you should check your firewall rules.

    could you post some screenshots of openvpn/firewall/nat/routing table?

    also find out what's in the routing table of the roadwarrior

