Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't connect to local network

    OpenVPN
    2
    4
    717
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mazzokun
      last edited by

      Hi all!
      I want to connect from my home or my iPhone to my office wan subnet with openvpn.
      Now I can connect to the openvpn server but I cannot access to wan subnet.
      I attach my net diagram  :-[  and some pfsense screenshots… Where is the mistake?? ???

      [url=https://dl.dropboxusercontent.com/u/28376825/psense.zip]https://dl.dropboxusercontent.com/u/28376825/psense.zip

      Thank You all
      Davide
      [Schermata 2013-09-25 alle 12.09.47.png](/public/imported_attachments/1/Schermata 2013-09-25 alle 12.09.47.png)

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        I can't see some of the things you put on for the MAC - However…

        I see some big problems.

        in Firewall > Rules

        Remove the rule for 192.168.2.0/24 on the WAN - Thats bad and un-needed.

        Remove the rule that looks like all * * * * * * * at the bottom on the WAN
        That is a pass any from any to all rule and shouldn't be on the WAN.
        Thats TERRIBLE and un-needed.  That rule turns your firewall into a Welcome-all-wall.

        remove the last rule on your firewall > rules Openvpn tab.  The first rule is all that is needed.

        in your mac client config, near the bottom of the commands add route 192.168.1.0 255.255.255.0

        Lastly - NONE of this is going to work well if the subnet you are on when you are away from home is also 192.168.1.0/24 or 192.168.2.0/24.  Thats why when you set up a pfsense with the intent of using it for VPN you should pick seldom used IP for the LAN like 10.50.36.1 / 24

        Hope that helps.

        1 Reply Last reply Reply Quote 0
        • M
          Mazzokun
          last edited by

          Yes, I added that bad rule because I was desperate and thinked  there were something bad…
          Yes, home net and office subnet are the same -.-'' Il'' change office network :)
          I dont' understand what I have to do " in your mac client config, near the bottom of the commands add route 192.168.1.0 255.255.255.0"..  ???
          You mean Into System/Routing/Routeses ???

          Thank you very much  :D

          1 Reply Last reply Reply Quote 0
          • K
            kejianshi
            last edited by

            In the client configurat that is located on your MAC (its just a file that probably ends with .ovpn) there is a bunch of commands.

            Try adding:

            route 192.168.1.0 255.255.255.0

            incase for some reason its not getting pushed from pfsense.

            But you really really need to change your LAN IP ASAP to something off…  like 192.168.39.1/24 and your Openvpn IPs also to something off like 10.x.x.0/24 (the Xs would be a random number between 10 and 200)

            Right now its way to probable that you will have IP conflicts because 192.168.1.x is way too common.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post