OVPN Routing Help



  • I got the connection made to my pfSense.  I can ping the pfSense box, but can't get anything else within the LAN.  TCP or UDP neither work.  It looks like the routes are in good…I don't know, I'm stumped.

    Address Pool:  172.20.200.0/24
    Local Network:  172.20.18.0/24

    Thu Feb 14 05:44:20 2008 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Thu Feb 14 05:44:20 2008 PUSH: Received control message: 'PUSH_REPLY,route 172.2
    0.18.0 255.255.255.0,dhcp-option DOMAIN ussa.edu,dhcp-option DNS 172.20.18.47,dh
    cp-option DNS 172.20.19.30,dhcp-option WINS 172.20.18.47,dhcp-option DISABLE-NBT
    ,route 172.20.200.1,ping 10,ping-restart 60,ifconfig 172.20.200.6 172.20.200.5'
    Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: timers and/or timeouts modified
    Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: –ifconfig/up options modified
    Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: route options modified
    Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
    modified
    Thu Feb 14 05:44:20 2008 TAP-WIN32 device [Local Area Connection 3] opened: \.
    Global{810506C4-91A0-472E-B5CC-9A0C442CF9AA}.tap
    Thu Feb 14 05:44:20 2008 TAP-Win32 Driver Version 8.4
    Thu Feb 14 05:44:20 2008 TAP-Win32 MTU=1500
    Thu Feb 14 05:44:20 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 1
    72.20.200.6/255.255.255.252 on interface {810506C4-91A0-472E-B5CC-9A0C442CF9AA}
    [DHCP-serv: 172.20.200.5, lease-time: 31536000]
    Thu Feb 14 05:44:20 2008 Successful ARP Flush on interface [3] {810506C4-91A0-47
    2E-B5CC-9A0C442CF9AA}
    Thu Feb 14 05:44:20 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
    Thu Feb 14 05:44:20 2008 Route: Waiting for TUN/TAP interface to come up…
    Thu Feb 14 05:44:21 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
    Thu Feb 14 05:44:21 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Feb 14 05:44:22 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
    Thu Feb 14 05:44:22 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Feb 14 05:44:23 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
    Thu Feb 14 05:44:23 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Feb 14 05:44:24 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
    Thu Feb 14 05:44:24 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Feb 14 05:44:26 2008 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
    Thu Feb 14 05:44:26 2008 route ADD 172.20.18.0 MASK 255.255.255.0 172.20.200.5
    Thu Feb 14 05:44:26 2008 Route addition via IPAPI succeeded
    Thu Feb 14 05:44:26 2008 route ADD 172.20.200.1 MASK 255.255.255.255 172.20.200.
    5
    Thu Feb 14 05:44:26 2008 Route addition via IPAPI succeeded
    Thu Feb 14 05:44:26 2008 Initialization Sequence Completed

    ===========================================================================

    Active Routes:
    Network Destination        Netmask          Gateway      Interface  Metric
              0.0.0.0          0.0.0.0      192.168.1.1  192.168.1.155      20
            127.0.0.0        255.0.0.0        127.0.0.1      127.0.0.1      1
          169.254.0.0      255.255.0.0    192.168.1.155  192.168.1.155      30
          172.20.18.0    255.255.255.0    172.20.200.5    172.20.200.6      1
        172.20.200.1  255.255.255.255    172.20.200.5    172.20.200.6      1
        172.20.200.4  255.255.255.252    172.20.200.6    172.20.200.6      30
        172.20.200.6  255.255.255.255        127.0.0.1      127.0.0.1      30
      172.20.255.255  255.255.255.255    172.20.200.6    172.20.200.6      30
          192.168.1.0    255.255.255.0    192.168.1.155  192.168.1.155      20
        192.168.1.155  255.255.255.255        127.0.0.1      127.0.0.1      20
        192.168.1.255  255.255.255.255    192.168.1.155  192.168.1.155      20
            224.0.0.0        240.0.0.0    172.20.200.6    172.20.200.6      30
            224.0.0.0        240.0.0.0    192.168.1.155  192.168.1.155      20
      255.255.255.255  255.255.255.255    172.20.200.6    172.20.200.6      1
      255.255.255.255  255.255.255.255    192.168.1.155  192.168.1.155      1
    Default Gateway:      192.168.1.1

    Persistent Routes:
      None



  • @rbennett:

    I got the connection made to my pfSense.  I can ping the pfSense box, but can't get anything else within the LAN.  TCP or UDP neither work.  It looks like the routes are in good…I don't know, I'm stumped.

    This usually is because your OpenVPN box (which is your pfSense box) isn't the default gateway for your LAN.



  • Do you happen to use multiwan?
    Do your LAN clients know the way back to your OpenVPN subnet?



  • the gateway, I always forget about the gateway.  That was it. Thanks!


Locked