OpenVPN connected but VPN client can't ping some servers, but all servers can ping
My LAN is 10.8.0.0/21. DHCP scope is 10.8.4.0. pf is the default GW for the LAN.
I have connected OpenVPN. The VPN client has IP 10.0.8.6.
I can ping PCs with IPs in the DHCP scope and I can browse intranet sites.
But I can't ping PCs that have static IPs or the IPs of the intranet sites. However, from the PCs with static IPs and the intranet site servers I can ping the VPN client (firewall stopped for the server). Why??
Standard OpenVPN config by wizards.
Can anybody help me??
Metu69salemi last edited by
Few possible reasons:
- You haven't allowed traffic to the VPN interface from your intranet sites
- VPN client doesn't have a route to other machines, you can use the advanced setting "push route"…
Post your config, firewall rules and a network map, so we can help.
- traffic to vpn interface * * * * * *.
- push route 10.8.0.0, I can ping PCs that have IPs from DHCP
Net map: Internet------pfsense (allow all)-------LAN (10.8.0.0/21).
LAN: - Static IPs, e.g. 10.8.0.1-10.8.1.254
- Dynamic IPs from DHCP scope 10.8.4.0-10.8.4.254
- DNS 10.8.0.1
- Default GW pfsense
- DHCP scope options: DNS, GW
firewall allow all on interface LAN
firewall allow all on interface OpenVPN
From a PC with a static IP I can ping the VPN client, but from the VPN client I can't ping a PC with a static IP, I can only ping PCs with dynamic IPs
keepalive 10 60
server 10.0.8.0 255.255.255.0
auth-user-pass-verify /var/etc/openvpn/server1.php via-env
management /var/etc/openvpn/server1.sock unix
push "route 10.8.0.0 255.255.248.0"
push "dhcp-option DOMAIN btp.com.vn"
push "dhcp-option DNS 10.8.0.1"
tls-auth /var/etc/openvpn/server1.tls-auth 0
remote ... 1194 udp
tls-auth pfSense-udp-1194-user-tls.key 1
Looks like a subnet/routing/config issue:
Your LAN is configured with 10.0.8.0/24, but you are pushing 10.8.0.0/21 to your clients.
Edit your LAN subnet accordingly.
Sorry, because the IPs are not the real IPs. I set the LAN IP exactly with subnet mask 21.
Can you re-phrase? I'm not following what you said.
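
An added example, not part of any post in this thread: a Python check of the server directives posted above, reporting whether the pushed route covers the static and DHCP address ranges given in the network map and whether the tunnel network overlaps it. The function names and the sample DHCP host 10.8.4.10 are assumptions made for the illustration.

```python
import ipaddress
import re

# Directives copied from the server config posted in this thread.
SERVER_CONF = '''\
keepalive 10 60
server 10.0.8.0 255.255.255.0
push "route 10.8.0.0 255.255.248.0"
push "dhcp-option DNS 10.8.0.1"
'''

# Static range endpoints and VPN client IP are from the thread;
# 10.8.4.10 is a constructed host inside the stated DHCP scope.
HOSTS = ["10.8.0.1", "10.8.1.254", "10.8.4.10", "10.0.8.6"]


def parse_networks(conf):
    """Return (tunnel_network, [pushed_route_networks]) from server directives."""
    tunnel, routes = None, []
    for line in conf.splitlines():
        m = re.match(r'\s*server\s+(\S+)\s+(\S+)', line)
        if m:
            tunnel = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        m = re.match(r'\s*push\s+"route\s+(\S+)\s+(\S+)"', line)
        if m:
            routes.append(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"))
    return tunnel, routes


def check(conf, hosts):
    """Map each host to True if a pushed route covers it; flag tunnel/route overlap."""
    tunnel, routes = parse_networks(conf)
    report = {"tunnel_overlaps_route": any(tunnel.overlaps(r) for r in routes)}
    for host in hosts:
        addr = ipaddress.ip_address(host)
        report[host] = any(addr in r for r in routes)
    return report


if __name__ == "__main__":
    for key, value in check(SERVER_CONF, HOSTS).items():
        print(f"{key}: {value}")
```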