Problems by connecting as road warrior



  • I have the following short network configuration.

    DSL-Router: 172.16.0.0/24

    Firewall:
    WAN: 172.16.1.0/24
    LAN: 172.16.2.0/24
    OPT1:172.16.3.0/24
    VPN-Tunnel: 172.16.10.0/24

    LAN-client:  172.16.2.210
    OPT1-Server: 172.16.3.10

    I would rather like to connect to the https-service (linux) provided by the OPT1-server, but I am currently testing to connect the LAN-interface and ping the other client from outside. I have tried out many configurations and the ovpn connection is established each time, but I just can't ping the client (it can be pinged from home).

    Furthermore, I followed (somehow) the HOWTO from pfsense-ovpn.pdf and the section "Setting up OpenVPN for road warriors (= remote clients)". The only thing I've not followed exactly is the part with the certificates because there is now a webconfigurator in pfsense and can done from there.

    I am using an mobile stick to connect from outside. Just the same behavior. I have made a few sample screenshots of my opvn-server and firewall configuration.

    What am I doing wrong?





  • I assume that your DSL-Router is already port-forwarding 1194 to your WAN port (since you are able to connect from outside).
    It looks like you just need to push the route in the advanced OpenVPN server section:

    push "route 172.16.3.0 255.255.255.0"
    

    That will tell the client that the OpenVPN link is the route to 172.16.3.0/24.
    The way you have done it, you were telling the OpenVPN server that 172.16.3.0/24 is at the client end - back-to-front.



  • it works now! thx!


Locked