• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Unable to Connect to LAN with OpenVPN

Scheduled Pinned Locked Moved OpenVPN
8 Posts 3 Posters 4.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    manolios
    last edited by Sep 9, 2012, 1:52 AM

    Hello,

    I like to setup OpenVPN so when outside on the road using an openvpn client  to be able to connect to the private LAN and have access to all resources within the LAN. I want all the connections to be going through the LAN when the client is connecting through the OpenVPN setup.

    I have tried different configurations and I was not able to achieve that.

    With my last configuration I was able to establish a connection to the OpenVPN Server but all network connection was not going through my LAN.

    Does any one has or now of any simple step by step instructions that I can follow to accomplish that?

    I appreciate all the help!

    Thanks

    1 Reply Last reply Reply Quote 0
    • K
      kilthro
      last edited by Sep 9, 2012, 1:56 PM

      Just curious. On the server config for open vpn did you enable the checkmark box
      Redirect Gateway
      Force all client generated traffic through the tunnel.

      This should keep it from split tunneling and using local/vpn network.

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by Sep 9, 2012, 3:38 PM

        As the poster before said:
        If you checked " Force all client generated traffic through the tunnel." then all the traffic from the client will be routed through the VPN.

        On pfsense you have to setup firewall rules to allow the traffic from the OpenVPN network to your LAN.

        If you disable " Force all client generated traffic through the tunnel." then you have to tell the client which routes/subnets should be routed through VPN. This can be done with the push "route x.x.x.x y.y.y.y"; command

        1 Reply Last reply Reply Quote 0
        • M
          manolios
          last edited by Sep 9, 2012, 7:32 PM

          I have tried with having the "Force all client generated traffic through the tunnel." checked and when I do that then I have not internet access at all. The internet connection seems to be on but I have no access to the web or lan.

          I have not even been successful to even ping my pfSense.

          What is the difference between "Force all client generated traffic through the tunnel." and the "Local Network" setting in the vpn server tunnel settings?

          Also, my vpnserver is on a different subnet than my pfSense and lan.
          Here is the setup

          VPNClient < –---(WEB)-------->      pfSense  < --------------->    LAN
          (10.0.8.6)                              (IP: 172.16.1.1)                    (172.16.1.1 - 172.16.1.254)
                                                  (VPN Tunnel 10.0.8.0/24)

          The attachments show all the Firewall rules that I have.

          Any ideas what do I have to do on the above in order to:
          1. Make sure that all the connections go through the VPN.
          2. Make sure that the vpn client has access to everything inside the LAN.

          Thanks,

          LAN.PNG
          LAN.PNG_thumb
          WAN.PNG
          WAN.PNG_thumb

          1 Reply Last reply Reply Quote 0
          • M
            manolios
            last edited by Sep 9, 2012, 7:34 PM

            Also as per the two comments, in my latest set up I have the Force all client generated traffic through the tunnel. checked.

            1 Reply Last reply Reply Quote 0
            • K
              kilthro
              last edited by Sep 9, 2012, 7:38 PM

              The local network is the network you want the vpn clients to have access to. If you do not enable that the connected users will not be able to access the network.

              Are you pushing DNS as well?

              1 Reply Last reply Reply Quote 0
              • M
                manolios
                last edited by Sep 9, 2012, 8:15 PM

                When I check the  "Force all client generated traffic through the tunnel." I no longer have the option to specify Local Network.

                I am not sure what you mean by "pushing DNS", but  I do not have any "push" commands in the Advanced Configuration of the OpenVPN Server.

                1 Reply Last reply Reply Quote 0
                • N
                  Nachtfalke
                  last edited by Sep 10, 2012, 9:54 AM

                  @kilthro:

                  The local network is the network you want the vpn clients to have access to. If you do not enable that the connected users will not be able to access the network.

                  Are you pushing DNS as well?

                  Local network will not be available if you redirect all traffic through OpenVPN. Local network is only available if you want that the client should rout all traffic from network "172.16.1.0/24" through VPN and all other traffic through the internet connection on the VPN client site.

                  @manolios
                  On pfsense where the OpenVPN server is running, there you have to go to Firewall and on the "OpenVPN" tab. There you have to allow the traffic from the OpenVPN network (10.0.8.0) to any.

                  1 Reply Last reply Reply Quote 0
                  8 out of 8
                  • First post
                    8/8
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    This community forum collects and processes your personal information.
                    consent.not_received