Accessing multiple networks from an Open VPN connection

efe476

Hi all,

I am trying to figure out where in my configuration I have gone wrong. I am using 2.1.3-RELEASE (i386)

Problem: I am able to ping and access all devices on the 192.168.2.1/24 network, but only 10.100.10.70 on the 10.100.10.71/24 network. I know there are other devices on the 10.100.10.71/24 network because i can ping them using the Diagnostic->ping option and if ssh into pfsense and open up a shell i can also ping the devices for ex: 10.100.10.103.

Here is my setup:

LAN (bridged) -> OPT1, OPT2, OPT4: Static IPv4 with DHCP server running (192.168.2.1/24)
PRV5 (OPT3 originally): Static IPv4 (10.100.10.71/24). There is no gateway defined on this network

I have setup the OpenVPN server and set the following

IPv4 Local Network/s: 192.168.2.0/24,10.100.10.0/24

I have also added the following rules on the PRV5 interface (if i remove the 10.0.8.0/24 rule i can't ping 10.100.10.70 either):

ID Proto Source Port Destination Port Gateway Queue Schedule Description
        IPv4 * 10.100.10.0/24 * * * * none   Local Network passthrough
        IPv4 * 10.0.8.0/24 * * * * none   VPN Network passthrough

I know the routes are okay at least on the client side, because once i connect from my windows box i have the following entries from "route print" command (note 192.168.2.0    255.255.255.0 and 10.100.10.0    255.255.255.0 ):

IPv4 Route Table

Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0    192.168.10.1  192.168.10.108    10
        10.0.8.1  255.255.255.255        10.0.8.5        10.0.8.6    30
        10.0.8.4  255.255.255.252        On-link          10.0.8.6    286
        10.0.8.6  255.255.255.255        On-link          10.0.8.6    286
        10.0.8.7  255.255.255.255        On-link          10.0.8.6    286
      10.100.10.0    255.255.255.0        10.0.8.5        10.0.8.6    30
        127.0.0.0        255.0.0.0        On-link        127.0.0.1    306
        127.0.0.1  255.255.255.255        On-link        127.0.0.1    306
  127.255.255.255  255.255.255.255        On-link        127.0.0.1    306
      192.168.2.0    255.255.255.0        10.0.8.5        10.0.8.6    30
    192.168.10.0    255.255.255.0        On-link    192.168.10.108    266
  192.168.10.108  255.255.255.255        On-link    192.168.10.108    266
  192.168.10.255  255.255.255.255        On-link    192.168.10.108    266
    192.168.56.0    255.255.255.0        On-link      192.168.56.1    276
    192.168.56.1  255.255.255.255        On-link      192.168.56.1    276
  192.168.56.255  255.255.255.255        On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0        On-link        127.0.0.1    306
        224.0.0.0        240.0.0.0        On-link    192.168.10.108    266
        224.0.0.0        240.0.0.0        On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0        On-link          10.0.8.6    286
  255.255.255.255  255.255.255.255        On-link        127.0.0.1    306
  255.255.255.255  255.255.255.255        On-link    192.168.10.108    266
  255.255.255.255  255.255.255.255        On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255        On-link          10.0.8.6    286

I am at a loss on what might be causing this issue, any suggestions are greatly appreciated.

thank you !

viragomann

Hi,

I have also added the following rules on the PRV5 interface

you have to put the rule allowing traffic from OpenVPN to OpenVPN interface.