OpenVPN client cannot route to LAN



  • Hi all,
    I've configured my VPN with pfSense 2.0.2, but after the connection has been established, the VPN client cannot connect to the server on the LAN network.
    When I execute a traceroute, it stops at the gateway address (subsequent hops time out).
    I used the wizard for the configuration. The configurations are below.
    Any suggestion?
    Regards.

    LAN 10.0.0.0/24
    DMZ 172.26.101.0/24
    WAN 1.1.1.1

    Server has 3 network adapters, one for every VLAN

    STATIC ROUTE
    Name             Interface  Gateway       Monitor IP    Description
    WANGW (default)  WAN        1.1.1.1       1.1.1.1       WAN Gateway
    GWLAN            LAN        10.0.0.2      10.0.0.2      GW LAN
    GWDMZ            DMZ        172.26.101.2  172.26.101.2  GW DMZ

    
    SERVER CONFIG
    dev ovpns1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 1.1.1.1
    tls-server
    server 192.168.2.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc
    username-as-common-name
    auth-user-pass-verify /var/etc/openvpn/server1.php via-env
    tls-verify /var/etc/openvpn/server1.tls-verify.php
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    max-clients 5
    push "route 10.0.0.0 255.255.255.0"
    ca /var/etc/openvpn/server1.ca 
    cert /var/etc/openvpn/server1.cert 
    key /var/etc/openvpn/server1.key 
    dh /etc/dh-parameters.1024
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    comp-lzo
    persist-remote-ip
    float
    push "route 172.26.101.0 255.255.255.0"
    
    CLIENT CONFIG
    dev tun
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    tls-client
    client
    resolv-retry infinite
    remote 1.1.1.1 1194
    tls-remote pfsense02
    auth-user-pass
    pkcs12 pfsense02-udp-1194-mdandrea02.p12
    tls-auth pfsense02-udp-1194-mdandrea02-tls.key 1
    comp-lzo
    
    


  • What's the IP of your server?

    Post the firewall rules off the openvpn tab.



  • @marvosa:

    What's the IP of your server?

    Post the firewall rules off the openvpn tab.

    Many thanks for your reply.
    10.0.0.2 LAN
    172.26.101.2 DMZ
    1.1.1.1 WAN (not real IP)
    The rules are attached.
    Best regards.
    Matteo










  • Hi All,
    I've resolved the problem. I found an error in the configuration.
    Thanks a lot.



  • Care to share with us what the error was?



  • @ciambellone:

    Hi All,
    I've resolved the problem. I found an error in the configuration.
    Thanks a lot.

    Hi sir!

    I failed you, but I do not know how to handle. You can share how to handle errors that are not. Thank you


Locked