OpenVPN connection NO access to LAN network
-
Hi guys, I have read almost all of the threads in the forum but still can’t get where I’m making a mistake with the setup of the VPN connection…
I have a deadline to meet and I was wondering if anyone could help me out.

The setup I have is a pfSense box, connected to the LAN port is a Ubuntu server. The WAN port is connected straight to the internet.
I have tried the RoadWarrior example and I get a connection thru the VPN and can access the pfSense webConfigurator.
But when I try to SSH the server on the LAN I get a message that tells me that the host is unreachable.

My LAN IP is the default 192.168.1.1
I have given the server a static IP which is 192.168.1.2
My WAN IP is static and I entered 2 DNS servers provided from my internet provider.

My VPN configuration is as follows:
WAN, UDP, 1194, TLS checked, TLS key checked,
Tunnel Network: 192.168.200.0/24
Local Network: 192.168.1.0/24
Concurrent Connections: 2
LZO checked
And takes on default settings after that point!

Please tell me what I have to do from this point on, so that I can SSH the server from a VPN client on another network.
thanks in advance!
-
from remote:
are you able to ping 192.168.200.1 ?
are you sure the firewall rules on the pfsense don't block ?
are you able to ping 192.168.1.1 but not 192.168.1.2 ?

on ubuntu:
did you set the gateway to 192.168.0.1 when setting the static ip of 192.168.0.2 ? Without the pfsense set as default gateway on the ubuntu, routing will fail.
to check login as root and type 'route' … it should output all configured routes. the "default" one should point to the pfsense

kind regards
-
thank you for the reply!
from remote:
i am able to ping 192.168.200.1 but not 192.168.200.2. when i ssh 192.168.200.1 i get my pfsense. when i try to ssh 192.168.200.2 i get host is unreachable.
i have the default firewall rules created by the OpenVPN wizard. The outbound NAT rules are set to auto. Do i need to modify the Firewall or NAT in some way?
on ubuntu:
the default gateway is pfsense. the output of 'route' is:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default pfSense.localdo 0.0.0.0 UG 100 0 0 eth0
link-local * 255.255.0.0 U 1000 0 0 eth0
172.16.22.0 * 255.255.255.0 U 0 0 0 vmnet8
172.16.135.0 * 255.255.255.0 U 0 0 0 vmnet1
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

do i need to make any adjustments to the routing table?
thanks again!!
-
as far as i know you don't need to change any NAT rules …. perhaps you should check your firewall rules.
could you post some screenshots of openvpn/firewall/nat/routing table ?
also find out what's in the routing table of the roadwarrior
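
The routing check suggested in the replies above, as an added example that is not part of any post in this thread: it parses `route -n` output from the LAN server and uses longest-prefix match to confirm that replies to a VPN client leave via the pfSense LAN address. The sample table and the client address 192.168.200.6 are constructed for illustration from the addressing in the first post; route metrics are ignored.

```python
import ipaddress

# Constructed sample in `route -n` (numeric) format, modelled on the thread:
# LAN 192.168.1.0/24 with pfSense at 192.168.1.1 as default gateway.
SAMPLE_ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
172.16.22.0     0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
"""

UNSPECIFIED = ipaddress.ip_address("0.0.0.0")  # gateway value for on-link routes


def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route -n` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[0] == "Destination":
            continue  # skip the title and column-header lines
        try:
            net = ipaddress.ip_network(f"{fields[0]}/{fields[2]}")
            gateway = ipaddress.ip_address(fields[1])
        except ValueError:
            continue  # non-numeric row (e.g. plain `route` with hostnames)
        routes.append((net, gateway, fields[7]))
    return routes


def next_hop(routes, dest):
    """Longest-prefix match. Returns (gateway or None if on-link, iface),
    or None when the table has no route to dest."""
    dest = ipaddress.ip_address(dest)
    matches = [r for r in routes if dest in r[0]]
    if not matches:
        return None
    _, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    return (None if gateway == UNSPECIFIED else str(gateway), iface)


def replies_reach_vpn(route_text, vpn_client_ip, pfsense_lan_ip):
    """True if traffic back to the VPN client is sent to the pfSense LAN IP."""
    hop = next_hop(parse_routes(route_text), vpn_client_ip)
    return hop is not None and hop[0] == pfsense_lan_ip
```

Feed it the output of `route -n` rather than plain `route`, since the latter prints gateway hostnames that cannot be compared against an address.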