PfSense 1.2 RC1 - 1WAN+1LAN(Fake) and OpenVPN
-
Hello to all,
I've installed PfSense 1.2 RC1 in a VMware Server that only has the Bridge network configured.
To overcome the two-NIC problem I just created another interface in VMware and threw it a fake IP.
I have configured my certificates, OpenVPN server and radius proxy auth with no problem.
The only problem, and a big one, is that after establishing the connection to the VPN server I cannot ping my Work LAN servers.
I think this must be a Route / NAT problem but I'm no guru…. so please give me a hint.
By the way, I have firewall disabled.
So basically I have:
Home ------> Internet -----> (External IP) Work Firewall (Internal IP) -----> LAN -----> PfSense
And PfSense has the following NICs:
WAN: 192.168.0.249/24
LAN: 192.168.198.1/24 (Fake subnet, not in use)

PfSense Routing table:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.254 UGS 1 85 le0
127.0.0.1 127.0.0.1 UH 1 0 lo0
192.168.0 link#1 UC 0 0 le0
192.168.0.33 00:0c:29:4e:b8:fd UHLW 1 3 le0 1159
192.168.0.34 00:0c:29:2d:f7:e5 UHLW 1 13 le0 1168
192.168.0.79 00:17:a4:e2:51:09 UHLW 1 1249 le0 950
192.168.0.249 127.0.0.1 UGHS 0 0 lo0
192.168.0.254 00:10:db:96:79:c2 UHLW 2 25 le0 946
192.168.10 192.168.10.2 UGS 0 0 tun0
192.168.10.2 192.168.10.1 UH 1 0 tun0
192.168.198 link#2 UC 0 0 le1

Client PC Routing Table:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.10.1 192.168.10.5 255.255.255.255 UGH 0 0 0 tun0
192.168.10.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.0.0 192.168.10.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 (My home LAN)
192.168.0.0 192.168.10.5 255.255.255.0 UG 0 0 0 tun0
84.90.232.0 0.0.0.0 255.255.252.0 U 0 0 0 vlan1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 EXTERNAL IP 0.0.0.0 UG 0 0 0 vlan1

And the OpenVPN server configs are:
Protocol: TCP
Port: 1194
Remote Network: 192.168.10.0/24
Local Network: 192.168.0.0/24
Dynamic IP: On
DNS-Domainname: my intranet dns
DNS-Server: My two DNS servers
LZO Compression: On
Custom options:
plugin /usr/local/lib/openvpn-auth-pam.so "openvpn login USERNAME password PASSWORD domain mydomain.com"
verb 6
user nobody
group nobody
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
dev tun
keepalive 10 120
comp-lzo
max-clients 16
push "route 192.168.0.0 255.255.255.0"

Client configs are:
client
proto tcp-client
verb 3
dev tun
remote my_work_external_ip
port 443
nobind
persist-key
persist-tun
comp-lzo
ca pfsense-ca-cert.crt
cert pfsense-client-cert.crt
key pfsense-client-key.key

Thank you very much for all your help!
Best regards,
Anthon.
-
Did you put your Local Network in the Local Network place in the OpenVPN server configuration?