• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Can't connect to local network

Scheduled Pinned Locked Moved OpenVPN
4 Posts 2 Posters 1.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    Mazzokun
    last edited by Sep 25, 2013, 12:52 PM

    Hi all!
    I want to connect from my home or my iPhone to my office wan subnet with openvpn.
    Now I can connect to the openvpn server but I cannot access to wan subnet.
    I attach my net diagram  :-[  and some pfsense screenshots… Where is the mistake?? ???

    [url=https://dl.dropboxusercontent.com/u/28376825/psense.zip]https://dl.dropboxusercontent.com/u/28376825/psense.zip

    Thank You all
    Davide
    [Schermata 2013-09-25 alle 12.09.47.png](/public/imported_attachments/1/Schermata 2013-09-25 alle 12.09.47.png)

    1 Reply Last reply Reply Quote 0
    • K
      kejianshi
      last edited by Sep 25, 2013, 1:32 PM Sep 25, 2013, 1:22 PM

      I can't see some of the things you put on for the MAC - However…

      I see some big problems.

      in Firewall > Rules

      Remove the rule for 192.168.2.0/24 on the WAN - Thats bad and un-needed.

      Remove the rule that looks like all * * * * * * * at the bottom on the WAN
      That is a pass any from any to all rule and shouldn't be on the WAN.
      Thats TERRIBLE and un-needed.  That rule turns your firewall into a Welcome-all-wall.

      remove the last rule on your firewall > rules Openvpn tab.  The first rule is all that is needed.

      in your mac client config, near the bottom of the commands add route 192.168.1.0 255.255.255.0

      Lastly - NONE of this is going to work well if the subnet you are on when you are away from home is also 192.168.1.0/24 or 192.168.2.0/24.  Thats why when you set up a pfsense with the intent of using it for VPN you should pick seldom used IP for the LAN like 10.50.36.1 / 24

      Hope that helps.

      1 Reply Last reply Reply Quote 0
      • M
        Mazzokun
        last edited by Sep 25, 2013, 5:08 PM

        Yes, I added that bad rule because I was desperate and thinked  there were something bad…
        Yes, home net and office subnet are the same -.-'' Il'' change office network :)
        I dont' understand what I have to do " in your mac client config, near the bottom of the commands add route 192.168.1.0 255.255.255.0"..  ???
        You mean Into System/Routing/Routeses ???

        Thank you very much  :D

        1 Reply Last reply Reply Quote 0
        • K
          kejianshi
          last edited by Sep 25, 2013, 7:20 PM

          In the client configurat that is located on your MAC (its just a file that probably ends with .ovpn) there is a bunch of commands.

          Try adding:

          route 192.168.1.0 255.255.255.0

          incase for some reason its not getting pushed from pfsense.

          But you really really need to change your LAN IP ASAP to something off…  like 192.168.39.1/24 and your Openvpn IPs also to something off like 10.x.x.0/24 (the Xs would be a random number between 10 and 200)

          Right now its way to probable that you will have IP conflicts because 192.168.1.x is way too common.

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received