Netgate Discussion Forum

    VPNClient couldn't access Clients in LAN + Internet

    OpenVPN
      Minti last edited by

      Hi,

      I have a problem setting up a VPN server with pfSense.
      This is the test environment I used:

                                VPN Clients
                              172.21.180.X/23
                                     |
                                     |
                                     |
      GW to Internet ---------- WAN-IP Pfsense ---------- LAN-IP Pfsense ---------- Client
       172.28.204.2             172.28.204.220             10.20.0.2/24           10.20.0.10
                                     |
                                     |
                                     |
                              OpenVPN Service
                                10.20.1.0/24

      The client in my internal LAN (10.20.0.10) could access the Internet.
      I could also connect to the OpenVPN service on the pfSense server from the 172.21.180.0/23 network.
      The VPN client gets the IP address 10.20.1.6, gateway 10.20.1.5.
      My problem is that the VPN Client couldn't reach the Internet or the internal LAN.

      Here's my OpenVPN Config:
      Server Mode: Remote Access (SSL / TLS)
      Protocol: UDP
      Device Mode: tun
      Interface: WAN
      Local port: 1194
      Tunnel Network: 10.20.1.0/24
      Force all client generated traffic through the tunnel
      Compress tunnel packets using the LZO algorithm.
      Provide a virtual adapter IP address to clients

      NAT config:
      Interface   Source          Dest
      WAN         10.20.0.0/24    all
      OpenVPN     10.20.1.0/24    all

      Firewall rules
      WAN allow UDP 1194
      LAN Allow everything when source is LAN
      OpenVPN allow everything

      What do I have to do to access the internal LAN and the Internet from my VPN client?

        phil.davis last edited by

        Your OpenVPN server config does not mention what you put for "Local Network" and "Remote Network". On the server, you certainly need to specify "Local Network" - 10.20.0.0/24 - and that will be told to the clients.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

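To check which routes a remote-access server actually hands to its clients, the sketch below (an added example, not part of either post and not pfSense's own code) parses OpenVPN server directives and reports how clients learn a route to the LAN. It assumes the GUI's "Local Network" field is rendered as a `push "route ..."` line and "Force all client generated traffic through the tunnel" as `push "redirect-gateway def1"`; `SAMPLE_CONF`, `pushed_networks` and `lan_route_status` are hypothetical names.

```python
import ipaddress
import re

# Constructed sample of the directives matching the settings listed in the
# question (assumption: not an export from the poster's firewall).
SAMPLE_CONF = """\
dev tun
proto udp
port 1194
server 10.20.1.0 255.255.255.0
comp-lzo
push "redirect-gateway def1"
"""

PUSH_ROUTE = re.compile(r'^push\s+"route\s+([\d.]+)\s+([\d.]+)')
PUSH_REDIRECT = re.compile(r'^push\s+"redirect-gateway\b')


def pushed_networks(conf):
    """Return (list of networks pushed as routes, redirect-gateway flag)."""
    nets, redirect = [], False
    for line in conf.splitlines():
        line = line.strip()
        m = PUSH_ROUTE.match(line)
        if m:
            # "route <network> <netmask>" -> ip_network("<network>/<netmask>")
            nets.append(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"))
        elif PUSH_REDIRECT.match(line):
            redirect = True
    return nets, redirect


def lan_route_status(conf, lan):
    """Classify how a client learns a route to `lan`.

    explicit     - a pushed route covers the LAN
    default-only - only the redirected default gateway covers it
    missing      - nothing pushed sends LAN traffic into the tunnel
    """
    lan = ipaddress.ip_network(lan)
    nets, redirect = pushed_networks(conf)
    if any(lan.subnet_of(n) for n in nets):
        return "explicit"
    return "default-only" if redirect else "missing"
```

Run against the server's generated configuration, an "explicit" result for 10.20.0.0/24 corresponds to the "Local Network" setting described in the reply.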