OVPN Routing Help

rbennett

I got the connection made to my pfSense.  I can ping the pfSense box, but can't get anything else within the LAN.  TCP or UDP neither work.  It looks like the routes are in good…I don't know, I'm stumped.

Address Pool:  172.20.200.0/24
Local Network:  172.20.18.0/24

Thu Feb 14 05:44:20 2008 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Feb 14 05:44:20 2008 PUSH: Received control message: 'PUSH_REPLY,route 172.2
0.18.0 255.255.255.0,dhcp-option DOMAIN ussa.edu,dhcp-option DNS 172.20.18.47,dh
cp-option DNS 172.20.19.30,dhcp-option WINS 172.20.18.47,dhcp-option DISABLE-NBT
,route 172.20.200.1,ping 10,ping-restart 60,ifconfig 172.20.200.6 172.20.200.5'
Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: timers and/or timeouts modified
Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: –ifconfig/up options modified
Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: route options modified
Thu Feb 14 05:44:20 2008 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
Thu Feb 14 05:44:20 2008 TAP-WIN32 device [Local Area Connection 3] opened: \.
Global{810506C4-91A0-472E-B5CC-9A0C442CF9AA}.tap
Thu Feb 14 05:44:20 2008 TAP-Win32 Driver Version 8.4
Thu Feb 14 05:44:20 2008 TAP-Win32 MTU=1500
Thu Feb 14 05:44:20 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 1
72.20.200.6/255.255.255.252 on interface {810506C4-91A0-472E-B5CC-9A0C442CF9AA}
[DHCP-serv: 172.20.200.5, lease-time: 31536000]
Thu Feb 14 05:44:20 2008 Successful ARP Flush on interface [3] {810506C4-91A0-47
2E-B5CC-9A0C442CF9AA}
Thu Feb 14 05:44:20 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Thu Feb 14 05:44:20 2008 Route: Waiting for TUN/TAP interface to come up…
Thu Feb 14 05:44:21 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Thu Feb 14 05:44:21 2008 Route: Waiting for TUN/TAP interface to come up...
Thu Feb 14 05:44:22 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Thu Feb 14 05:44:22 2008 Route: Waiting for TUN/TAP interface to come up...
Thu Feb 14 05:44:23 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Thu Feb 14 05:44:23 2008 Route: Waiting for TUN/TAP interface to come up...
Thu Feb 14 05:44:24 2008 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Thu Feb 14 05:44:24 2008 Route: Waiting for TUN/TAP interface to come up...
Thu Feb 14 05:44:26 2008 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Thu Feb 14 05:44:26 2008 route ADD 172.20.18.0 MASK 255.255.255.0 172.20.200.5
Thu Feb 14 05:44:26 2008 Route addition via IPAPI succeeded
Thu Feb 14 05:44:26 2008 route ADD 172.20.200.1 MASK 255.255.255.255 172.20.200.
5
Thu Feb 14 05:44:26 2008 Route addition via IPAPI succeeded
Thu Feb 14 05:44:26 2008 Initialization Sequence Completed

===========================================================================

Active Routes:
Network Destination        Netmask          Gateway      Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1  192.168.1.155      20
        127.0.0.0        255.0.0.0        127.0.0.1      127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.1.155  192.168.1.155      30
      172.20.18.0    255.255.255.0    172.20.200.5    172.20.200.6      1
    172.20.200.1  255.255.255.255    172.20.200.5    172.20.200.6      1
    172.20.200.4  255.255.255.252    172.20.200.6    172.20.200.6      30
    172.20.200.6  255.255.255.255        127.0.0.1      127.0.0.1      30
  172.20.255.255  255.255.255.255    172.20.200.6    172.20.200.6      30
      192.168.1.0    255.255.255.0    192.168.1.155  192.168.1.155      20
    192.168.1.155  255.255.255.255        127.0.0.1      127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.155  192.168.1.155      20
        224.0.0.0        240.0.0.0    172.20.200.6    172.20.200.6      30
        224.0.0.0        240.0.0.0    192.168.1.155  192.168.1.155      20
  255.255.255.255  255.255.255.255    172.20.200.6    172.20.200.6      1
  255.255.255.255  255.255.255.255    192.168.1.155  192.168.1.155      1
Default Gateway:      192.168.1.1

Persistent Routes:
  None

Cry Havok

@rbennett:

I got the connection made to my pfSense.  I can ping the pfSense box, but can't get anything else within the LAN.  TCP or UDP neither work.  It looks like the routes are in good…I don't know, I'm stumped.

This usually is because your OpenVPN box (which is your pfSense box) isn't the default gateway for your LAN.

GruensFroeschli

Do you happen to use multiwan?
Do your LAN clients know the way back to your OpenVPN subnet?

rbennett

the gateway, I always forget about the gateway.  That was it. Thanks!