Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems by connecting as road warrior

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      coyote
      last edited by

      I have the following short network configuration.

      DSL-Router: 172.16.0.0/24

      Firewall:
      WAN: 172.16.1.0/24
      LAN: 172.16.2.0/24
      OPT1:172.16.3.0/24
      VPN-Tunnel: 172.16.10.0/24

      LAN-client:  172.16.2.210
      OPT1-Server: 172.16.3.10

      I would rather like to connect to the https-service (linux) provided by the OPT1-server, but I am currently testing to connect the LAN-interface and ping the other client from outside. I have tried out many configurations and the ovpn connection is established each time, but I just can't ping the client (it can be pinged from home).

      Furthermore, I followed (somehow) the HOWTO from pfsense-ovpn.pdf and the section "Setting up OpenVPN for road warriors (= remote clients)". The only thing I've not followed exactly is the part with the certificates because there is now a webconfigurator in pfsense and can done from there.

      I am using an mobile stick to connect from outside. Just the same behavior. I have made a few sample screenshots of my opvn-server and firewall configuration.

      What am I doing wrong?
      ovpn-server_config.jpg
      ovpn-server_config.jpg_thumb
      firewall-interfaces.jpg
      firewall-interfaces.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        I assume that your DSL-Router is already port-forwarding 1194 to your WAN port (since you are able to connect from outside).
        It looks like you just need to push the route in the advanced OpenVPN server section:

        push "route 172.16.3.0 255.255.255.0"
        

        That will tell the client that the OpenVPN link is the route to 172.16.3.0/24.
        The way you have done it, you were telling the OpenVPN server that 172.16.3.0/24 is at the client end - back-to-front.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • C
          coyote
          last edited by

          it works now! thx!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.