Can't ping LAN from VPN client, but the other way around is possible



  • Hi

    I set up the VPN server successfully.
    My VPN server: 10.0.0.0/24
    My local LAN: 192.168.1.0/24

    From the VPN client, I can ping 10.0.0.1 and 192.168.1.1. I can access the internet without a problem. The client's IP is the host's IP, so everything seems correct. LAN clients can ping VPN clients, but VPN clients cannot ping LAN clients.
    I also added the
    push "route 10.0.0.0 255.255.255.0"
    line to the advanced section of the VPN server. I added firewall rules in both the LAN and OpenVPN sections, which should forward things, but all failed. Please help me.



  • Need more info.

    Post your server.conf.
    Post your firewall rules.



  • OK

    I found the OpenVPN conf file under /var/etc/openvpn/server1.conf; I'm posting it.

    dev ovpns1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 85.96.61.173
    tls-server
    server 10.0.0.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc
    username-as-common-name
    auth-user-pass-verify /var/etc/openvpn/server1.php via-env
    tls-verify /var/etc/openvpn/server1.tls-verify.php
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    max-clients 10
    push "route 192.168.1.0 255.255.255.0"
    push "dhcp-option DNS 193.140.100.210"
    push "dhcp-option DNS 88.255.242.6"
    push "redirect-gateway def1"
    client-to-client
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.1024
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    comp-lzo
    persist-remote-ip
    float
    push "route 10.0.0.0 255.255.255.0"

    push "route 192.168.1.0 255.255.255.0"

    I'm also posting the firewall rules.

    I hope these help.
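
An added example, not part of the thread or of pfSense/OpenVPN: a Python check that lists the routes a server.conf pushes and flags duplicates and routes that overlap the tunnel network, run on a constructed excerpt of the routing-related lines from the config posted above. The name `audit_push_routes` and the excerpt are assumptions for illustration; routes are assumed to be numeric addresses.

```python
import ipaddress
import shlex

# Constructed sample: routing-related lines excerpted from the posted server1.conf.
SAMPLE_CONF = '''\
server 10.0.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1"
client-to-client
push "route 10.0.0.0 255.255.255.0"
push "route 192.168.1.0 255.255.255.0"
'''

def audit_push_routes(conf_text):
    """Return (tunnel_net, pushed_routes, findings) for an OpenVPN server config."""
    tunnel = None
    routes = []
    findings = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # skip blanks and commented-out options
            continue
        tokens = shlex.split(line)           # keeps the quoted push argument as one token
        if tokens[0] == "server" and len(tokens) >= 3:
            tunnel = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}", strict=False)
        elif tokens[0] == "push" and len(tokens) == 2:
            pushed = tokens[1].split()
            if pushed[0] == "route" and len(pushed) >= 2:
                # A pushed route without a netmask is a host route.
                mask = pushed[2] if len(pushed) > 2 else "255.255.255.255"
                routes.append(ipaddress.ip_network(f"{pushed[1]}/{mask}", strict=False))
    seen = set()
    for net in routes:
        if net in seen:
            findings.append(f"duplicate push route {net}")
        seen.add(net)
    for net in sorted(seen):
        if tunnel is not None and net.overlaps(tunnel):
            findings.append(f"push route {net} overlaps tunnel network {tunnel}")
    return tunnel, routes, findings

if __name__ == "__main__":
    tunnel, routes, findings = audit_push_routes(SAMPLE_CONF)
    print("tunnel:", tunnel)
    print("pushed:", ", ".join(str(r) for r in routes))
    for finding in findings:
        print("finding:", finding)
```

On the excerpt it reports the repeated 192.168.1.0/24 push and the pushed 10.0.0.0/24 route that covers the tunnel network itself, and it shows that the LAN route is being sent to clients.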



  • I installed pfSense 2.1 beta using snapshots. I configured it in "tap" mode. After dealing with the Windows firewall, everything seems to be OK now.
    Except, when I try to connect to the VPN server from the local network, it connects but nothing works. It's not a big issue since nobody needs to use the VPN in the local network, but it was working in v2.0.2 though. I noticed the "Backend for authentication" line is missing on the openvpn/server page. I thought this is the issue, or maybe tap mode is causing it. It would be better if I could test the VPN from the local network though.

